First published: Wed Jul 03 2019(Updated: )
A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol (SIP) packets. An attacker could exploit this vulnerability by altering the SIP replies that are sent to the affected phone during the registration process. A successful exploit could allow the attacker to cause the phone to reboot and not complete the registration process.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Ip Conference Phone 7832 Firmware | ||
Cisco Ip Conference Phone 7832 | ||
Cisco Ip Conference Phone 8832 Firmware | =11.5\(1\) | |
Cisco Ip Conference Phone 8832 Firmware | =12.5\(1\) | |
Cisco Ip Conference Phone 8832 | ||
Cisco Ip Phone 7811 Firmware | ||
Cisco Ip Phone 7811 | ||
Cisco Ip Phone 7821 Firmware | ||
Cisco Ip Phone 7821 | ||
Cisco Ip Phone 7841 Firmware | ||
Cisco Ip Phone 7841 | ||
Cisco Ip Phone 7861 Firmware | ||
Cisco IP Phone 7861 | ||
Cisco Ip Phone 8811 Firmware | =11.5\(1\) | |
Cisco Ip Phone 8811 Firmware | =12.5\(1\) | |
Cisco Ip Phone 8811 | ||
Cisco Ip Phone 8841 Firmware | =11.5\(1\) | |
Cisco Ip Phone 8841 Firmware | =12.5\(1\) | |
Cisco Ip Phone 8841 | ||
Cisco Ip Phone 8845 Firmware | =11.5\(1\) | |
Cisco Ip Phone 8845 Firmware | =12.5\(1\) | |
Cisco Ip Phone 8845 | ||
Cisco Ip Phone 8851 Firmware | =11.5\(1\) | |
Cisco Ip Phone 8851 Firmware | =12.5\(1\) | |
Cisco IP Phone 8851 | ||
Cisco Ip Phone 8861 Firmware | =11.5\(1\) | |
Cisco Ip Phone 8861 Firmware | =12.5\(1\) | |
Cisco Ip Phone 8861 | ||
Cisco Ip Phone 8865 Firmware | =11.5\(1\) | |
Cisco Ip Phone 8865 Firmware | =12.5\(1\) | |
Cisco Ip Phone 8865 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-1922 is a vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series.
The severity of CVE-2019-1922 is high.
The affected software for CVE-2019-1922 is Cisco IP Phone 7800 Series and 8800 Series.
CVE-2019-1922 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone.
To fix CVE-2019-1922, it is recommended to apply the necessary updates provided by Cisco.