Cisco Wireless Ip Phone 8821 And 8821-Ex vulnerabilities

5 known vulnerabilities affecting cisco/cisco_wireless_ip_phone_8821_and_8821-ex.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2019-1635HIGHCVSS 7.5≥ unspecified, < 11.0(5)2019-05-03
CVE-2019-1635 [HIGH] CWE-399 CVE-2019-1635: A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to incomplete error handlin
cvelistv5nvd
CVE-2019-1716CRITICALCVSS 9.8≥ unspecified, < 11.0(4)SR32019-03-22
CVE-2019-1716 [CRITICAL] CWE-20 CVE-2019-1716: A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. The vulnerability exists because the software improperly validates user
cvelistv5nvd
CVE-2019-1764HIGHCVSS 8.8≥ unspecified, < 11.0(5)2019-03-22
CVE-2019-1764 [HIGH] CWE-352 CVE-2019-1764: A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An
cvelistv5nvd
CVE-2019-1763HIGHCVSS 7.5≥ unspecified, < 11.0(5)2019-03-22
CVE-2019-1763 [HIGH] CWE-284 CVE-2019-1763: A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists because the software fails to sanitize URLs before it
cvelistv5nvd
CVE-2019-1765MEDIUMCVSS 6.5≥ unspecified, < 11.0(5)2019-03-22
CVE-2019-1765 [MEDIUM] CWE-22 CVE-2019-1765: A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level permissions. An attacker could exploit this vulnerability by
cvelistv5nvd