Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Unified Ip Phone 9951
Total 14 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-20817 1 Cisco 22 Ata 187 Analog Telephone Adapter, Ata 187 Analog Telephone Adapter Firmware, Unified Ip Phone 6911 and 19 more 2024-11-21 4.0 MEDIUM 7.4 HIGH
A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user's phone if the Cisco Unified Communications Manager (CUCM) is in secure mode. This vulnerability is due to improper key generation during the manufacturing process that could result in duplicated manufactured keys installed on multiple devices. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on the secure communication between the phone and the CUCM. A successful exploit could allow the attacker to impersonate another user's phone. This vulnerability cannot be addressed with software updates. There is a workaround that addresses this vulnerability.
CVE-2020-3360 1 Cisco 74 Unified Ip Phone 6901, Unified Ip Phone 6901 Firmware, Unified Ip Phone 6911 and 71 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.
CVE-2018-0332 1 Cisco 27 Ip Phone 7811, Ip Phone 7821, Ip Phone 7841 and 24 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms in the software. An attacker could exploit this vulnerability by sending high volumes of SIP INVITE traffic to the targeted device. Successful exploitation could allow the attacker to cause a disruption of services on the targeted IP phone. Cisco Bug IDs: CSCve10064, CSCve14617, CSCve14638, CSCve14683, CSCve20812, CSCve20926, CSCve20945.
CVE-2015-0604 1 Cisco 4 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9951 Firmware and 1 more 2024-11-21 5.0 MEDIUM N/A
The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424.
CVE-2015-0603 1 Cisco 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware 2024-11-21 4.6 MEDIUM N/A
Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified files, which allows local users to cause a denial of service (persistent hang or reboot) by writing to a phone's filesystem, aka Bug ID CSCup90474.
CVE-2015-0602 1 Cisco 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware 2024-11-21 5.0 MEDIUM N/A
The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to obtain sensitive information by sniffing the network, aka Bug ID CSCuq12117.
CVE-2015-0601 1 Cisco 4 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9951 Firmware and 1 more 2024-11-21 4.6 MEDIUM N/A
Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allow local users to cause a denial of service (device reload) via crafted commands, aka Bug ID CSCup92790.
CVE-2015-0600 1 Cisco 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware 2024-11-21 5.0 MEDIUM N/A
The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to cause a denial of service (logoff) via crafted packets, aka Bug ID CSCuq12139.
CVE-2014-0658 1 Cisco 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware 2024-11-21 5.4 MEDIUM N/A
Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID CSCul24898.
CVE-2013-6685 1 Cisco 4 Unified Ip Phone 8961, Unified Ip Phone 9951, Unified Ip Phone 9971 and 1 more 2024-11-21 6.6 MEDIUM N/A
The firmware on Cisco Unified IP phones 8961, 9951, and 9971 uses weak permissions for memory block devices, which allows local users to gain privileges by mounting a device with a setuid file in its filesystem, aka Bug ID CSCui04382.
CVE-2013-5533 1 Cisco 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware 2024-11-21 6.0 MEDIUM N/A
The image-upgrade functionality on Cisco 9900 Unified IP phones allows local users to gain privileges by placing shell commands in an unspecified parameter, aka Bug ID CSCuh10334.
CVE-2013-5532 1 Cisco 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware 2024-11-21 5.0 MEDIUM N/A
Buffer overflow in the web-application interface on Cisco 9900 IP phones allows remote attackers to cause a denial of service (webapp interface outage) via long values in unspecified fields, aka Bug ID CSCuh10343.
CVE-2013-5526 1 Cisco 2 Unified Ip Phone 9951, Unified Ip Phone 9971 2024-11-21 7.1 HIGH N/A
Cisco 9900 fourth-generation IP phones do not properly perform SDP negotiation, which allows remote attackers to cause a denial of service (device reboot) via crafted SDP packets, aka Bug ID CSCuf06698.
CVE-2013-3426 1 Cisco 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware 2024-11-21 5.0 MEDIUM N/A
The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID CSCuh52810.