Описание
A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS condition.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to cause the affected device to reload.
Затрагиваемое ПО
Cisco Video phone 8875 firmwareCisco Video phone 8875Cisco Ip phone 6821 with multiplatform firmwareCisco Ip phone 6821Cisco Ip phone 6841 with multiplatform firmwareCisco Ip phone 6841Cisco Ip phone 6851 with multiplatform firmwareCisco Ip phone 6851Cisco Ip phone 6861 with multiplatform firmwareCisco Ip phone 6861Cisco Ip phone 6871 with multiplatform firmwareCisco Ip phone 6871Cisco Ip phone 7811 with multiplatform firmwareCisco Ip phone 7811Cisco Ip phone 7821 with multiplatform firmwareCisco Ip phone 7821Cisco Ip phone 7832 with multiplatform firmwareCisco Ip phone 7832Cisco Ip phone 7841 with multiplatform firmwareCisco Ip phone 7841Cisco Ip phone 7861 with multiplatform firmwareCisco Ip phone 7861Cisco Ip phone 8811 with multiplatform firmwareCisco Ip phone 8811Cisco Ip phone 8832 with multiplatform firmware
CVSS
| Балл | 7.5 — высокая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Источники
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-multi-vulns-cXAhCvShttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-multi-vulns-cXAhCvS