Lucene search

[email protected]CVE-2023-20079

HistoryMar 03, 2023 - 4:15 p.m.

CVE-2023-20079

2023-03-0316:15:10

CWE-787

CWE-121

[email protected]

web.nvd.nist.gov

cve-2023-20079

cisco

ip phones

web-based management

vulnerabilities

remote code execution

dos

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.3%

JSON

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

Affected configurations

NVD

Node

ciscoip_phone_6871_firmwareRange<11.3.7sr1

AND

ciscoip_phone_6871Match-

Node

ciscoip_phone_6861_firmwareRange<11.3.7sr1

AND

ciscoip_phone_6861Match-

Node

ciscoip_phone_6851_firmwareRange<11.3.7sr1

AND

ciscoip_phone_6851Match-

Node

ciscoip_phone_6841_firmwareRange<11.3.7sr1

AND

ciscoip_phone_6841Match-

Node

ciscoip_phone_6825_firmwareRange<11.3.7sr1

AND

ciscoip_phone_6825Match-

Node

ciscoip_phone_7861_firmwareRange<11.3.7sr1

AND

ciscoip_phone_7861Match-

Node

ciscoip_phone_7841_firmwareRange<11.3.7sr1

AND

ciscoip_phone_7841Match-

Node

ciscoip_phone_7832_firmwareRange<11.3.7sr1

AND

ciscoip_phone_7832Match-

Node

ciscoip_phone_7821_firmwareRange<11.3.7sr1

AND

ciscoip_phone_7821Match-

Node

ciscoip_phone_7811_firmwareRange<11.3.7sr1

AND

ciscoip_phone_7811Match-

Node

ciscoip_phone_8865_firmwareRange<11.3.7sr1

AND

ciscoip_phone_8865Match-

Node

ciscoip_phone_8861_firmwareRange<11.3.7sr1

AND

ciscoip_phone_8861Match-

Node

ciscoip_phone_8851_firmwareRange<11.3.7sr1

AND

ciscoip_phone_8851Match-

Node

ciscoip_phone_8845_firmwareRange<11.3.7sr1

AND

ciscoip_phone_8845Match-

Node

ciscoip_phone_8841_firmwareRange<11.3.7sr1

AND

ciscoip_phone_8841Match-

Node

ciscoip_phone_8832_firmwareRange<11.3.7sr1

AND

ciscoip_phone_8832Match-

Node

ciscoip_phone_8811_firmwareRange<11.3.7sr1

AND

ciscoip_phone_8811Match-

Node

ciscoip_phone_8831_firmwareRange<11.3.7sr1

AND

ciscoip_phone_8831Match-

Node

ciscounified_ip_phone_7945g_firmwareRange<11.3.7sr1

AND

ciscounified_ip_phone_7945gMatch-

Node

ciscounified_ip_phone_7965g_firmwareRange<11.3.7sr1

AND

ciscounified_ip_phone_7965gMatch-

Node

ciscounified_ip_phone_7975g_firmwareRange<11.3.7sr1

AND

ciscounified_ip_phone_7975gMatch-

CPENameOperatorVersion
cisco:ip_phone_6871_firmwarecisco ip phone 6871 firmwarelt11.3.7sr1

CPE	Name	Operator	Version
cisco:ip_phone_6871_firmware	cisco ip phone 6871 firmware	lt	11.3.7sr1

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco IP Phones with Multiplatform Firmware ",
    "versions": [
      {
        "version": "n/a",
        "status": "affected"
      }
    ]
  }
]