Lucene search

[email protected]CVE-2002-0881

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-0881

2002-10-0404:00:00

[email protected]

web.nvd.nist.gov

cisco

ip phone

voip

7910

7940

7960

default password

physical access

security vulnerability

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

41.4%

JSON

Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings.

Affected configurations

NVD

Node

ciscovoip_phone_cp-7940Match3.0

ciscovoip_phone_cp-7940Match3.1

ciscovoip_phone_cp-7940Match3.2

ciscoskinny_client_control_protocol_softwareMatch3.0

ciscoskinny_client_control_protocol_softwareMatch3.1

ciscoskinny_client_control_protocol_softwareMatch3.2

CPENameOperatorVersion
cisco:voip_phone_cp-7940cisco voip phone cp-7940eq3.0
cisco:voip_phone_cp-7940cisco voip phone cp-7940eq3.1
cisco:voip_phone_cp-7940cisco voip phone cp-7940eq3.2
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq3.0
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq3.1
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq3.2

CPE	Name	Operator	Version
cisco:voip_phone_cp-7940	cisco voip phone cp-7940	eq	3.0
cisco:voip_phone_cp-7940	cisco voip phone cp-7940	eq	3.1
cisco:voip_phone_cp-7940	cisco voip phone cp-7940	eq	3.2
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	3.0
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	3.1
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	3.2

References

online.securityfocus.com/archive/1/273673

www.cisco.com/warp/public/707/multiple-ip-phone-vulnerabilities-pub.shtml

www.iss.net/security_center/static/9144.php

www.securityfocus.com/bid/4799

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

41.4%

JSON

Related for CVE-2002-0881

cvelist1 nvd1