What is CVE-2019-1922?

CVE-2019-1922 is a medium-severity vulnerability in Cisco Ip Phone 8800 Series Software, classified under NULL Pointer Dereference. CVSS score: 5.3/10. Published 2019-07-06.

How severe is CVE-2019-1922?

Medium severity. CVSS v3 base score is 5.3 out of 10.

NULL pointer dereference in Cisco Ip Phone 8800 Series Software

CVE-2019-1922

A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to in…

EPSS: 0.013 (67.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H.

Affected products

Cisco Ip Phone 8800 Series Software — versions unspecified
Cisco Ip_conference_phone_7832
Cisco Ip_conference_phone_7832_firmware
Cisco Ip_conference_phone_8832
Cisco Ip_conference_phone_8832_firmware — versions 11.5\(1\), 12.5\(1\)
Cisco Ip_phone_7811
Cisco Ip_phone_7811_firmware
Cisco Ip_phone_7821
Cisco Ip_phone_7821_firmware
Cisco Ip_phone_7841

Weakness classification (CWE)

CWE-476 — NULL Pointer Dereference

References

psirt@cisco.com (x_refsource_CISCO, vendor-advisory, Vendor Advisory)

Frequently asked questions

What is CVE-2019-1922?: CVE-2019-1922 is a medium-severity vulnerability in Cisco Ip Phone 8800 Series Software, classified under NULL Pointer Dereference. CVSS score: 5.3/10. Published 2019-07-06.
How severe is CVE-2019-1922?: Medium severity. CVSS v3 base score is 5.3 out of 10.