HIGH✓ PATCH🇬🇧 English

CVE-2024-20376

CVSS 7.5v3.1pub. 2024-05-01upd. 2026-01-05

A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS condition. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Cisco Ip Phone 6821

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 6821 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 6841

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 6841 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 6851

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 6851 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 6861

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 6861 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 6871

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 6871 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 7811

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 7811 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 7821

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 7821 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 7832

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 7832 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 7841

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 7841 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 7861

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 7861 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 8811

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 8811 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 8832

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 8832 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 8841

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 8841 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 8845

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 8845 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
  • Cisco Ip Phone 8851

    HW
    Cisco
    wszystkie wersje
  • Cisco Ip Phone 8851 With Multiplatform Firmware

    OS
    Cisco
    ≤ 12.0.4
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2020-3161CRITICAL9.8⚠ KEVten sam produkt

A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execu...

CVE-2023-20078CRITICAL9.8ten sam produkt

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unaut...

CVE-2023-20079CRITICAL9.8ten sam produkt

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unaut...

CVE-2025-20350HIGH7.5ten sam produkt

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco ...

CVE-2024-20378HIGH7.5ten sam produkt

A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an unauthenticate...