Lucene search
K
CiscoIp Conference Phone 8832 Firmware

12 matches found

CVE
CVE
added 2021/05/11 7:42 p.m.505 views

CVE-2020-26141

CVE-2020-26141 affects the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi‑Fi stack does not verify the Message Integrity Check for fragmented TKIP frames, allowing an adjacent attacker to inject and potentially decrypt packets in WPA/WPA2 TKIP networks. The provided connected documents d...

6.5CVSS7.2AI score0.03072EPSS
CVE
CVE
added 2019/07/06 1:25 a.m.443 views

CVE-2019-1922

Cisco IP Phone 7800/8800 Series SIP handling is affected by a vulnerability in Cisco SIP IP Phone Software due to insufficient validation of SIP packets. An unauthenticated remote attacker can craft SIP replies during registration to trigger a DoS, causing the phone to reboot and fail registratio...

7.8CVSS6.3AI score0.01317EPSS
CVE
CVE
added 2020/02/05 5:40 p.m.120 views

CVE-2020-3111

CVE-2020-3111 is a Cisco CDP vulnerability in Cisco IP Phones that allows an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload (DoS) by sending crafted CDP packets. Root cause: missing checks when processing CDP messages in the Layer 2 CDP implemen...

8.8CVSS8.6AI score0.03095EPSS
CVE
CVE
added 2024/11/18 3:42 p.m.103 views

CVE-2021-1379

CVE-2021-1379 affects Cisco IP Phone Series 68xx/78xx/88xx via Cisco Discovery Protocol and LLDP processing. Root cause: missing checks when handling Cisco Discovery Protocol or LLDP packets, allowing an unauthenticated, adjacent attacker (Layer 2) to execute code remotely or cause a reload, resu...

6.5CVSS6.9AI score0.00315EPSS
CVE
CVE
added 2022/01/14 5:1 a.m.100 views

CVE-2022-20660

CVE-2022-20660 affects Cisco IP Phones where confidential data is stored unencrypted on flash memory. An unauthenticated, physical attacker could extract memory to obtain confidential information. Cisco has released software updates addressing this vulnerability; the Tenable/Cisco advisories conf...

4.6CVSS4.3AI score0.00351EPSS
CVE
CVE
added 2019/03/22 8:5 p.m.60 views

CVE-2019-1763

Summary: CVE-2019-1763 is a Cisco IP Phone 8800 Series authorization bypass vulnerability in the SIP web-based management interface, caused by improper URL sanitization. An unauthenticated, remote attacker could bypass authorization, access critical services, and cause a DoS. Affected are IP Phon...

7.5CVSS7.7AI score0.01939EPSS
CVE
CVE
added 2021/10/06 7:46 p.m.60 views

CVE-2021-34711

CVE-2021-34711 affects Cisco IP Phone software. A vulnerability in the debug shell allows an authenticated, local attacker to read arbitrary files on the device filesystem due to insufficient input validation. The issue is triggered by crafted input to a debug shell command. The impact is read ac...

5.5CVSS5.2AI score0.00258EPSS
CVE
CVE
added 2019/05/03 2:55 p.m.59 views

CVE-2019-1635

CVE-2019-1635 affects Cisco IP Phone 7800 and 8800 Series SIP software. The issue is due to incomplete error handling when parsing XML data in SIP packets, allowing an unauthenticated, remote attacker to cause the phone to reload and experience a temporary DoS. The vulnerability applies to the ca...

7.8CVSS7.6AI score0.01967EPSS
CVE
CVE
added 2019/03/22 8:5 p.m.59 views

CVE-2019-1765

CVE-2019-1765 affects Cisco IP Phone 8800 Series SIP Software. The web-based management interface vulnerability arises from insufficient input validation and file-level permissions, allowing an authenticated, remote attacker to upload invalid files and write files to arbitrary locations on the de...

8.1CVSS7.1AI score0.01391EPSS
CVE
CVE
added 2024/11/06 4:29 p.m.58 views

CVE-2024-20445

CVE-2024-20445 affects Cisco Desk Phone 9800 Series, Cisco IP Phone 7800/8800 Series, and Cisco Video Phone 8875. The issue is improper storage of sensitive information in the web UI for SIP-based phone loads, allowing an unauthenticated, remote attacker to access sensitive data (including call r...

5.3CVSS5.2AI score0.0045EPSS
CVE
CVE
added 2019/03/22 8:5 p.m.51 views

CVE-2019-1764

CVE-2019-1764 affects Cisco IP Phone 8800 Series SIP Software with insufficient CSRF protections in the web-based management interface. An unauthenticated attacker can induce an authenticated user to follow a crafted link, enabling arbitrary actions on the device via a browser with the user’s pri...

8.8CVSS8.4AI score0.00698EPSS
CVE
CVE
added 2019/02/21 8:0 p.m.46 views

CVE-2019-1684

CVE-2019-1684 affects Cisco IP Phone 7800 and 8800 Series. The issue arises from missing length validation in the Cisco Discovery Protocol (CDP) / Link Layer Discovery Protocol (LLDP) header fields, allowing an unauthenticated, adjacent attacker to cause an affected phone to reload and experience...

6.5CVSS6.4AI score0.0064EPSS