CVE-2024-20533

🗓️ 06 Nov 2024 16:31:21Reported by ciscoType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 45 Views

A vulnerability in Cisco desk phone and video phone web interface

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability in the web interface of the microprogramming software for Cisco IP Phones 6800, 7800, 8800, and Cisco Video Phone 8875 allows attackers to perform cross-site scripting attacks.	19 Nov 202400:00	–	bdu_fstec
Circl	CVE-2024-20533	6 Nov 202419:10	–	circl
Tenable Nessus	Cisco IP Phones Stored XSS (cisco-sa-mpp-xss-8tAV2TvF)	15 Nov 202400:00	–	nessus
CNNVD	Cisco IP Phone 跨站脚本漏洞	6 Nov 202400:00	–	cnnvd
Cvelist	CVE-2024-20533 Cisco IP Phone 6800, 7800, 8800, and 9800 Series with Multiplatform Firmware Stored Cross-Site Scripting Vulnerabilities	6 Nov 202416:31	–	cvelist
EUVD	EUVD-2024-18248	3 Oct 202520:07	–	euvd
NVD	CVE-2024-20533	6 Nov 202417:15	–	nvd
OSV	CVE-2024-20533	6 Nov 202417:15	–	osv
Positive Technologies	PT-2024-8287	6 Nov 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-20533	23 May 202507:49	–	redhatcve

NVD

Node

cisco desk_phone_9841_with_multiplatform_firmwareMatch3.1(1)-

cisco desk_phone_9841_with_multiplatform_firmwareMatch3.1(1)sr1

AND

cisco desk_phone_9841Match-

Node

cisco desk_phone_9851_with_multiplatform_firmwareMatch3.1(1)-

cisco desk_phone_9851_with_multiplatform_firmwareMatch3.1(1)sr1

AND

cisco desk_phone_9851Match-

Node

cisco desk_phone_9861_with_multiplatform_firmwareMatch3.1(1)-

cisco desk_phone_9861_with_multiplatform_firmwareMatch3.1(1)sr1

AND

cisco desk_phone_9861Match-

Node

cisco desk_phone_9871_with_multiplatform_firmwareMatch3.1(1)-

cisco desk_phone_9871_with_multiplatform_firmwareMatch3.1(1)sr1

AND

cisco desk_phone_9871Match-

Node

cisco ip_phone_6821_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_6821Match-

Node

cisco ip_phone_6841_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_6841Match-

Node

cisco ip_phone_6851_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_6851Match-

Node

cisco ip_phone_6861_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_6861Match-

Node

cisco ip_phone_6871_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_6871Match-

Node

cisco ip_phone_7811_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_7811Match-

Node

cisco ip_phone_7821_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_7821Match-

Node

cisco ip_phone_7832_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_7832Match-

Node

cisco ip_phone_7841_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_7841Match-

Node

cisco ip_phone_7861_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_7861Match-

Node

cisco ip_phone_8811_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_8811Match-

Node

cisco ip_phone_8832_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_8832Match-

Node

cisco ip_phone_8841_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_8841Match-

Node

cisco ip_phone_8845_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_8845Match-

Node

cisco ip_phone_8851_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_8851Match-

Node

cisco ip_phone_8861_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_8861Match-

Node

cisco ip_phone_8865_with_multiplatform_firmwareMatch12.0(5)sr1

AND

cisco ip_phone_8865Match-

Node

cisco video_phone_8875_with_multiplatform_firmwareRange<2.3(1)-

cisco video_phone_8875_with_multiplatform_firmwareMatch2.3(1)-

cisco video_phone_8875_with_multiplatform_firmwareMatch2.3(1)sr1

AND

cisco video_phone_8875Match-

Node

cisco ip_phone_8831_with_multiplatform_firmwareMatch-

AND

cisco ip_phone_8831Match-

[
  {
    "vendor": "Cisco",
    "product": "Cisco IP Phones with Multiplatform Firmware",
    "versions": [
      {
        "version": "11.1.2",
        "status": "affected"
      },
      {
        "version": "11.2.1",
        "status": "affected"
      },
      {
        "version": "11.2.3",
        "status": "affected"
      },
      {
        "version": "11.2.2",
        "status": "affected"
      },
      {
        "version": "11.2.3 MSR1-1",
        "status": "affected"
      },
      {
        "version": "11.1.2 MSR1-1",
        "status": "affected"
      },
      {
        "version": "11.1.1",
        "status": "affected"
      },
      {
        "version": "11.1.2 MSR3-1",
        "status": "affected"
      },
      {
        "version": "11.0.0",
        "status": "affected"
      },
      {
        "version": "11.1.1 MSR1-1",
        "status": "affected"
      },
      {
        "version": "11.0.1",
        "status": "affected"
      },
      {
        "version": "11.1.1 MSR2-1",
        "status": "affected"
      },
      {
        "version": "11.2.4",
        "status": "affected"
      },
      {
        "version": "11.0.1 MSR1-1",
        "status": "affected"
      },
      {
        "version": "11.0.2",
        "status": "affected"
      },
      {
        "version": "11.3.1",
        "status": "affected"
      },
      {
        "version": "11.3.1 MSR1-3",
        "status": "affected"
      },
      {
        "version": "11.3.2",
        "status": "affected"
      },
      {
        "version": "11.3.1 MSR2-6",
        "status": "affected"
      },
      {
        "version": "11-3-1MSR2UPG",
        "status": "affected"
      },
      {
        "version": "11.3.1 MSR3-3",
        "status": "affected"
      },
      {
        "version": "11.3.3",
        "status": "affected"
      },
      {
        "version": "11.3.1 MSR4-1",
        "status": "affected"
      },
      {
        "version": "11.3.4",
        "status": "affected"
      },
      {
        "version": "11.3.5",
        "status": "affected"
      },
      {
        "version": "11.3.3 MSR1",
        "status": "affected"
      },
      {
        "version": "11.3.3 MSR2",
        "status": "affected"
      },
      {
        "version": "11.3.6",
        "status": "affected"
      },
      {
        "version": "11-3-1MPPSR4UPG",
        "status": "affected"
      },
      {
        "version": "11.3.6SR1",
        "status": "affected"
      },
      {
        "version": "11.3.7",
        "status": "affected"
      },
      {
        "version": "11.3.7SR1",
        "status": "affected"
      },
      {
        "version": "12.0.1",
        "status": "affected"
      },
      {
        "version": "12.0.2",
        "status": "affected"
      },
      {
        "version": "11.3.7SR2",
        "status": "affected"
      },
      {
        "version": "12.0.3",
        "status": "affected"
      },
      {
        "version": "12.0.3SR1",
        "status": "affected"
      },
      {
        "version": "12.0.4",
        "status": "affected"
      },
      {
        "version": "12.0.4SR1",
        "status": "affected"
      },
      {
        "version": "12.0.5",
        "status": "affected"
      },
      {
        "version": "12.0.5SR1",
        "status": "affected"
      },
      {
        "version": "12.0.3SR2",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Cisco",
    "product": "Cisco Session Initiation Protocol (SIP) Software",
    "versions": [
      {
        "version": "3.1(1)",
        "status": "affected"
      },
      {
        "version": "3.0(1)",
        "status": "affected"
      },
      {
        "version": "3.1(1)SR1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mpp-xss-8tAV2TvF

17 Jun 2026 07:07Current

5Medium risk

Vulners AI Score5

CVSS 3.14.8

EPSS0.0027

SSVC

CWE-79