Input validation

2019-10-1619:15:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.5%

JSON

A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper validation of user-supplied requests to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to cause the device to stop responding, requiring manual intervention for recovery.

CPENameOperatorVersion
spa112_firmwarelt1.4.1
spa112_firmwareeq1.4.1
spa112_firmwareeq1.4.1 sr1
spa112_firmwareeq1.4.1 sr2
spa112_firmwareeq1.4.1 sr3
spa122_firmwarelt1.4.1
spa122_firmwareeq1.4.1
spa122_firmwareeq1.4.1 sr1
spa122_firmwareeq1.4.1 sr2
spa122_firmwareeq1.4.1 sr3

Name	Operator	Version
spa112_firmware	lt	1.4.1
spa112_firmware	eq	1.4.1
spa112_firmware	eq	1.4.1 sr1
spa112_firmware	eq	1.4.1 sr2
spa112_firmware	eq	1.4.1 sr3
spa122_firmware	lt	1.4.1
spa122_firmware	eq	1.4.1
spa122_firmware	eq	1.4.1 sr1
spa122_firmware	eq	1.4.1 sr2
spa122_firmware	eq	1.4.1 sr3