Cisco Ip Phone 6841 Firmware vulnerabilities
5 known vulnerabilities affecting cisco/ip_phone_6841_firmware.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-20078CRITICALCVSS 9.8fixed in 11.3.7sr12023-03-03
CVE-2023-20078 [CRITICAL] CWE-121 CVE-2023-20078: Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allo
Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
nvd
CVE-2023-20079HIGHCVSS 7.5fixed in 11.3.7sr12023-03-03
CVE-2023-20079 [CRITICAL] CWE-121 CVE-2023-20079: Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allo
Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
nvd
CVE-2022-20774HIGHCVSS 8.1fixed in 11.3.52022-04-06
CVE-2022-20774 [MEDIUM] CWE-345 CVE-2022-20774: A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system. This vulnerability is due to insufficient CSRF protection
nvd
CVE-2020-3111HIGHCVSS 8.8fixed in 11.3\(1\)sr12020-02-05
CVE-2020-3111 [HIGH] CWE-20 CVE-2020-3111: A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an
A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulner
nvd
CVE-2019-16008MEDIUMCVSS 5.4fixed in 11.3\(1\)2020-01-26
CVE-2019-16008 [MEDIUM] CWE-79 CVE-2019-16008: A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatfor
A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the w
nvd