First published: Thu Jun 18 2020(Updated: )
A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Unified Ip Phone 6901 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 6901 | ||
Cisco Unified Ip Phone 6961 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 6961 | ||
Cisco Unified Ip Phone 6945 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 6945 | ||
Cisco Unified Ip Phone 6941 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 6941 | ||
Cisco Unified Ip Phone 6921 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 6921 | ||
Cisco Unified Ip Phone 6911 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 6911 | ||
Cisco Unified Ip Phone 7832 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7832 | ||
Cisco Unified Ip Phone 7861 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7861 | ||
Cisco Unified Ip Phone 7841 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7841 | ||
Cisco Unified Ip Phone 7821 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7821 | ||
Cisco Unified Ip Phone 7811 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7811 | ||
Cisco Unified Ip Phone 7937g Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7937g | ||
Cisco Unified Ip Phone 7975g Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7975g | ||
Cisco Unified Ip Phone 7965g Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7965g | ||
Cisco Unified Ip Phone 7962g Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7962g | ||
Cisco Unified Ip Phone 7961g Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7961g | ||
Cisco Unified Ip Phone 7960g Firmware | <=12.8\(1\) | |
Cisco Unified IP Phone 7960G | ||
Cisco Unified Ip Phone 7945g Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7945g | ||
Cisco Unified Ip Phone 7942g Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7942g | ||
Cisco Unified Ip Phone 7941g Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7941g | ||
Cisco Unified Ip Phone 7940g Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7940g | ||
Cisco Unified Ip Phone 7931g Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7931g | ||
Cisco Unified Ip Phone 7911g Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 7911g | ||
Cisco Unified Ip Phone 7906g Firmware | <=12.8\(1\) | |
Cisco Unified IP Phone 7906G | ||
Cisco Unified Ip Phone 8811 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 8811 | ||
Cisco Unified Ip Phone 8841 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 8841 | ||
Cisco Unified Ip Phone 8845 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 8845 | ||
Cisco Unified Ip Phone 8851 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 8851 | ||
Cisco Unified Ip Phone 8851nr Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 8851nr | ||
Cisco Unified Ip Phone 8861 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 8861 | ||
Cisco Unified Ip Phone 8865 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 8865 | ||
Cisco Unified Ip Phone 8865nr Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 8865nr | ||
Cisco Unified Ip Phone 8961 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 8961 | ||
Cisco Unified Ip Phone 8945 Firmware | <=12.8\(1\) | |
Cisco Unified IP Phone 8945 | ||
Cisco Unified Ip Phone 8941 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 8941 | ||
Cisco Unified Ip Phone 9971 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 9971 | ||
Cisco Unified Ip Phone 9951 Firmware | <=12.8\(1\) | |
Cisco Unified Ip Phone 9951 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.