Cisco IP Phone 8800 Firmware 12.5(1)sr1

CPE Details

Cisco IP Phone 8800 Firmware 12.5(1)sr1
cisco
ip_phone_8800_firmware
12.5\(1\)sr1
2020-09-16
21h43 +00:00
2020-09-16
21h43 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:cisco:ip_phone_8800_firmware:12.5\(1\)sr1:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

ip_phone_8800_firmware

Version

12.5\(1\)sr1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-20018 2023-01-19 01h35 +00:00 A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication.
8.6
Haute
CVE-2021-33478 2021-07-22 14h53 +00:00 The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and Wireless IP Phone products before 2021-07-07. Exploitation is possible only when the attacker can disassemble the device in order to control the voltage/current for chip pins.
6.8
Moyen
CVE-2019-1684 2019-02-21 20h00 +00:00 A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected.
6.5
Moyen