Vulnerabilities > Cisco > IP Phone 8800 Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-20 | CVE-2023-20018 | Incorrect Authorization vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to insufficient validation of user-supplied input. | 6.5 |
2021-07-22 | CVE-2021-33478 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. | 6.8 |
2019-03-22 | CVE-2019-1765 | Path Traversal vulnerability in Cisco products A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. | 6.5 |
2019-02-21 | CVE-2019-1684 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. | 6.5 |