Spa 301 1 Line Ip Phone@* Security Vulnerabilities and Issues — Spa 301 1 Line Ip Phone@* CVE List

Lucene search

CiscoSpa 301 1 Line Ip Phone*

3 matches found

CVE•added 2014/07/09 11:7 a.m.•44 views

CVE-2014-3313

Cross-site scripting (XSS) vulnerability in the web user interface on Cisco Small Business SPA300 and SPA500 phones allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuo52582.

4.3CVSS5.8AI score0.00499EPSS

CVE•added 2015/03/21 1:59 a.m.•40 views

CVE-2015-0670

The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls via a crafted XML request, aka Bug ID CSCuo52482.

6.4CVSS6.8AI score0.00532EPSS

CVE•added 2014/07/09 11:7 a.m.•34 views

CVE-2014-3312

The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface, aka Bug ID CSCun77435.

6.9CVSS7.1AI score0.00052EPSS