CVE-2020-3360: Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability
First published: Thu Jun 18 2020(Updated: )
A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified IP Phone 6901 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 6901 | ||
| Cisco Unified IP Phone 6961 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 6961 Firmware | ||
| Cisco Unified IP Phone 6945 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 6945 Firmware | ||
| Cisco Unified IP Phone 6941 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 6941 Firmware | ||
| Cisco Unified IP Phone 6921 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 6921 | ||
| Cisco Unified IP Phone Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 6911 Firmware | ||
| Cisco Unified IP Phone 7832 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 7832 Firmware | ||
| Cisco Unified IP Phone 7861 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 7861 Firmware | ||
| Cisco Unified IP Phone 7841 | <=12.8\(1\) | |
| Cisco Unified IP Phone 7841 Firmware | ||
| Cisco Unified IP Phone 7821 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 7821 Firmware | ||
| Cisco Unified IP Phone 7811 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 7811 Firmware | ||
| Cisco Unified IP Conference Station 7937G Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 7937G Firmware | ||
| Cisco Unified IP Phone 7975G Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 7975G Firmware | ||
| Cisco Unified IP Phone 7965G Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phones | ||
| Cisco Unified IP Phone 7962G Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 7962G Firmware | ||
| Cisco Unified IP Phone firmware 7961G | <=12.8\(1\) | |
| Cisco Unified IP Phone firmware 7961G | ||
| Cisco Unified IP Phone 7960G Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 7960G Firmware | ||
| Cisco Unified IP Phone 7945G Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 7945G Firmware | ||
| Cisco Unified IP Phone 7942G Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 7942G Firmware | ||
| Cisco Unified IP Phone 7941G Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 7941G Firmware | ||
| Cisco Unified IP Phone 7940G Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 7940G | ||
| Cisco Unified IP Phone 7931G Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 7931G Firmware | ||
| Cisco Unified IP Phone firmware 7911G | <=12.8\(1\) | |
| Cisco Unified IP Phone firmware 7911G | ||
| Cisco Unified IP Phone firmware 7906G | <=12.8\(1\) | |
| Cisco Unified IP Phone 7906G Firmware | ||
| Cisco Unified IP Phone 8811 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 8811 Firmware | ||
| Cisco Unified IP Phone 8841 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 8841 Firmware | ||
| Cisco Unified IP Phone 8845 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 8845 Firmware | ||
| Cisco Unified IP Phone 8851nr Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 8851 Firmware | ||
| Cisco Unified IP Phone 8851nr Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 8851nr Firmware | ||
| Cisco IP Phone 8861 Firmware | <=12.8\(1\) | |
| Cisco IP Phone 8861 with Key Expansion Module | ||
| Cisco Unified IP Phone 8865 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 8865 Firmware | ||
| Cisco Unified IP Phone 8865 | <=12.8\(1\) | |
| Cisco Unified IP Phone 8865 | ||
| Cisco Unified IP Phone 8961 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 8961 Firmware | ||
| Cisco Unified IP Phone 8945 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone software | ||
| Cisco Unified IP Phone 8941 firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 8941 firmware | ||
| Cisco Unified IP phones 9971 firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 9971 Firmware | ||
| Cisco Unified IP Phones 9951 Firmware | <=12.8\(1\) | |
| Cisco Unified IP Phone 9951 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-3360?
CVE-2020-3360 has a medium severity level, allowing unauthorized access to sensitive data on affected Cisco IP Phones.
How do I fix CVE-2020-3360?
To fix CVE-2020-3360, update your Cisco IP Phone to the latest firmware version as specified in Cisco's advisories.
Which devices are affected by CVE-2020-3360?
CVE-2020-3360 affects various Cisco IP Phone models within the Series 7800 and Series 8800 that are running firmware versions up to 12.8(1).
What type of attack can exploit CVE-2020-3360?
CVE-2020-3360 can be exploited by an unauthenticated remote attacker to view sensitive information through improper access controls.
Is there a workaround for CVE-2020-3360?
There is no specific workaround for CVE-2020-3360; the recommended action is to apply the security update provided by Cisco.
- agent/type
- agent/severity
- agent/title
- agent/author
- agent/weakness
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco unified ip phone 6901 firmware
- version/cisco unified ip phone 6901 firmware/12.8\(1\)
- canonical/cisco unified ip phone 6901
- canonical/cisco unified ip phone 6961 firmware
- version/cisco unified ip phone 6961 firmware/12.8\(1\)
- canonical/cisco unified ip phone 6945 firmware
- version/cisco unified ip phone 6945 firmware/12.8\(1\)
- canonical/cisco unified ip phone 6941 firmware
- version/cisco unified ip phone 6941 firmware/12.8\(1\)
- canonical/cisco unified ip phone 6921 firmware
- version/cisco unified ip phone 6921 firmware/12.8\(1\)
- canonical/cisco unified ip phone 6921
- canonical/cisco unified ip phone firmware
- version/cisco unified ip phone firmware/12.8\(1\)
- canonical/cisco unified ip phone 6911 firmware
- canonical/cisco unified ip phone 7832 firmware
- version/cisco unified ip phone 7832 firmware/12.8\(1\)
- canonical/cisco unified ip phone 7861 firmware
- version/cisco unified ip phone 7861 firmware/12.8\(1\)
- canonical/cisco unified ip phone 7841
- version/cisco unified ip phone 7841/12.8\(1\)
- canonical/cisco unified ip phone 7841 firmware
- canonical/cisco unified ip phone 7821 firmware
- version/cisco unified ip phone 7821 firmware/12.8\(1\)
- canonical/cisco unified ip phone 7811 firmware
- version/cisco unified ip phone 7811 firmware/12.8\(1\)
- canonical/cisco unified ip conference station 7937g firmware
- version/cisco unified ip conference station 7937g firmware/12.8\(1\)
- canonical/cisco unified ip phone 7937g firmware
- canonical/cisco unified ip phone 7975g firmware
- version/cisco unified ip phone 7975g firmware/12.8\(1\)
- canonical/cisco unified ip phone 7965g firmware
- version/cisco unified ip phone 7965g firmware/12.8\(1\)
- canonical/cisco unified ip phones
- canonical/cisco unified ip phone 7962g firmware
- version/cisco unified ip phone 7962g firmware/12.8\(1\)
- canonical/cisco unified ip phone firmware 7961g
- version/cisco unified ip phone firmware 7961g/12.8\(1\)
- canonical/cisco unified ip phone 7960g firmware
- version/cisco unified ip phone 7960g firmware/12.8\(1\)
- canonical/cisco unified ip phone 7945g firmware
- version/cisco unified ip phone 7945g firmware/12.8\(1\)
- canonical/cisco unified ip phone 7942g firmware
- version/cisco unified ip phone 7942g firmware/12.8\(1\)
- canonical/cisco unified ip phone 7941g firmware
- version/cisco unified ip phone 7941g firmware/12.8\(1\)
- canonical/cisco unified ip phone 7940g firmware
- version/cisco unified ip phone 7940g firmware/12.8\(1\)
- canonical/cisco unified ip phone 7940g
- canonical/cisco unified ip phone 7931g firmware
- version/cisco unified ip phone 7931g firmware/12.8\(1\)
- canonical/cisco unified ip phone firmware 7911g
- version/cisco unified ip phone firmware 7911g/12.8\(1\)
- canonical/cisco unified ip phone firmware 7906g
- version/cisco unified ip phone firmware 7906g/12.8\(1\)
- canonical/cisco unified ip phone 7906g firmware
- canonical/cisco unified ip phone 8811 firmware
- version/cisco unified ip phone 8811 firmware/12.8\(1\)
- canonical/cisco unified ip phone 8841 firmware
- version/cisco unified ip phone 8841 firmware/12.8\(1\)
- canonical/cisco unified ip phone 8845 firmware
- version/cisco unified ip phone 8845 firmware/12.8\(1\)
- canonical/cisco unified ip phone 8851nr firmware
- version/cisco unified ip phone 8851nr firmware/12.8\(1\)
- canonical/cisco unified ip phone 8851 firmware
- canonical/cisco ip phone 8861 firmware
- version/cisco ip phone 8861 firmware/12.8\(1\)
- canonical/cisco ip phone 8861 with key expansion module
- canonical/cisco unified ip phone 8865 firmware
- version/cisco unified ip phone 8865 firmware/12.8\(1\)
- canonical/cisco unified ip phone 8865
- version/cisco unified ip phone 8865/12.8\(1\)
- canonical/cisco unified ip phone 8961 firmware
- version/cisco unified ip phone 8961 firmware/12.8\(1\)
- canonical/cisco unified ip phone 8945 firmware
- version/cisco unified ip phone 8945 firmware/12.8\(1\)
- canonical/cisco unified ip phone software
- canonical/cisco unified ip phone 8941 firmware
- version/cisco unified ip phone 8941 firmware/12.8\(1\)
- canonical/cisco unified ip phones 9971 firmware
- version/cisco unified ip phones 9971 firmware/12.8\(1\)
- canonical/cisco unified ip phone 9971 firmware
- canonical/cisco unified ip phones 9951 firmware
- version/cisco unified ip phones 9951 firmware/12.8\(1\)
- canonical/cisco unified ip phone 9951 firmware