Cisco Small Business Spa500 Series Ip Phones vulnerabilities

CVE-2018-0389 [HIGH] CWE-399 CVE-2018-0389: A vulnerability in the implementation of Session Initiation Protocol (SIP) processing in Cisco Small A vulnerability in the implementation of Session Initiation Protocol (SIP) processing in Cisco Small Business SPA514G IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of SIP request messages by an

CVE-2019-1683 [HIGH] CWE-295 CVE-2019-1683: A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of a Transport Level Security (TLS)-encrypted Session Initiation Protocol (SIP) conversation. The vulnerability is due to the improper validation of server cer