CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The vulnerability in the web interface for controlling microprogrammed software in Cisco SPA100 Series IP phones allows a perpetrator to access confidential information.

The vulnerability in the web interface for managing microprogrammed IP telephone devices of the Cisco SPA100 series is related to the insecure processing of user credentials. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information...

6.8CVSS6.8AI score0.01088EPSS

Exploits0References3

BDU FSTEC•added 2019/11/19 12:0 a.m.•3 views

The vulnerability of the microprogramming software of Cisco SPA100 Series IP phones, which stems from the lack of protective measures for website structures, allows attackers to execute arbitrary code or gain access to confidential information.

The vulnerability of Cisco SPA100 Series IP phones’ microprogramming software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or gain access to confidential information through a specially...

5.4CVSS6.8AI score0.00633EPSS

Exploits0References3

BDU FSTEC•added 2019/10/29 12:0 a.m.•1 views

The vulnerability of the network web interface for controlling microprogrammed software in Cisco SPA100 Series IP phones allows a perpetrator to gain unauthorized access to read data.

The vulnerability of the network web interface for controlling Microprogrammed Software-IP Telephones of the Cisco SPA100 Series is caused by errors in the validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to read data...

6.8CVSS5.5AI score0.01565EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by