CVE-2015-0602

2015-02-0715:59:08

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.003

Percentile

70.6%

JSON

The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to obtain sensitive information by sniffing the network, aka Bug ID CSCuq12117.

Affected configurations

Nvd

Node

ciscounified_ip_phones_9900_series_firmwareRange≤9.4\(.1\)

AND

ciscounified_ip_phone_9951

ciscounified_ip_phone_9971

VendorProductVersionCPE
ciscounified_ip_phones_9900_series_firmware*cpe:2.3:o:cisco:unified_ip_phones_9900_series_firmware:*:*:*:*:*:*:*:*
ciscounified_ip_phone_9951*cpe:2.3:h:cisco:unified_ip_phone_9951:*:*:*:*:*:*:*:*
ciscounified_ip_phone_9971*cpe:2.3:h:cisco:unified_ip_phone_9971:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_ip_phones_9900_series_firmware	*	cpe:2.3:o:cisco:unified_ip_phones_9900_series_firmware::::::::
cisco	unified_ip_phone_9951	*	cpe:2.3:h:cisco:unified_ip_phone_9951::::::::
cisco	unified_ip_phone_9971	*	cpe:2.3:h:cisco:unified_ip_phone_9971::::::::