Cisco Ip_phone_8800_series_firmware
10 CVEs affecting Cisco Ip_phone_8800_series_firmware. Latest disclosed: 2017-11-30. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-1403 | High | 7.8 | 2016-06-04 | CISCO IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz0… |
CVE-2016-1479 | High | 7.5 | 2016-08-22 | Cisco IP Phone 8800 devices with software 11.0(1) allow remote attackers to cause a denial of service (memory corruption) via a crafted HTTP request, aka Bug I… |
CVE-2016-1421 | High | 7.5 | 2016-06-10 | A vulnerability in the web application for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a relo… |
CVE-2015-6360 | High | 7.5 | 2016-04-21 | The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bu… |
CVE-2016-1435 | High | 7.0 | 2016-06-23 | Cisco 8800 phones with software 11.0(1) do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leverag… |
CVE-2017-12305 | Medium | 6.7 | 2017-11-16 | A vulnerability in the debug interface of Cisco IP Phone 8800 series could allow an authenticated, local attacker to execute arbitrary commands, aka Debug Shel… |
CVE-2016-1434 | Medium | 6.5 | 2016-06-23 | The license-certificate upload functionality on Cisco 8800 phones with software 11.0(1) allows remote authenticated users to delete arbitrary files via an inva… |
CVE-2017-12328 | Medium | 5.8 | 2017-11-30 | A vulnerability in Session Initiation Protocol (SIP) call handling in Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attacker to cau… |
CVE-2016-1476 | Medium | 5.4 | 2016-08-22 | Cross-site scripting (XSS) vulnerability on Cisco IP Phone 8800 devices with software 11.0 allows remote authenticated users to inject arbitrary web script or… |
CVE-2017-6630 | Medium | 5.3 | 2017-05-22 | A vulnerability in the Session Initiation Protocol (SIP) implementation of Cisco IP Phone 8851 11.0(0.1) could allow an unauthenticated, remote attacker to cau… |