CVE-2019-15258
published 2019-10-16CVE-2019-15258: A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper validation of user-supplied requests to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to cause the device to stop responding, requiring manual intervention for recovery.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_spa112_2-port_phone_adapter | >= unspecified < n/a | n/a |
| cisco | spa100_series_analog_telephone_adapters_web | — | — |
| cisco | spa112_firmware | < 1.4.1 | 1.4.1 |
| cisco | spa112_firmware | — | — |
| cisco | spa122_firmware | < 1.4.1 | 1.4.1 |
| cisco | spa122_firmware | — | — |