Vulnerabilities > Cisco > IP Phone 8800
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-22 | CVE-2019-1763 | Improper Access Control vulnerability in Cisco products A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. | 5.0 |
| 2019-02-21 | CVE-2019-1684 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. | 6.1 |
| 2018-05-17 | CVE-2018-0325 | Improper Input Validation vulnerability in Cisco IP Phone 7800 Firmware and IP Phone 8800 Firmware A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. | 5.0 |
| 2016-08-22 | CVE-2016-1479 | Improper Input Validation vulnerability in Cisco IP Phone 8800 Series Firmware 11.0(1) Cisco IP Phone 8800 devices with software 11.0(1) allow remote attackers to cause a denial of service (memory corruption) via a crafted HTTP request, aka Bug ID CSCuz03038. | 7.8 |
| 2016-08-22 | CVE-2016-1476 | Cross-site Scripting vulnerability in Cisco IP Phone 8800 Series Firmware 11.0Base Cross-site scripting (XSS) vulnerability on Cisco IP Phone 8800 devices with software 11.0 allows remote authenticated users to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCuz03024. | 3.5 |
| 2016-06-23 | CVE-2016-1435 | Permissions, Privileges, and Access Controls vulnerability in Cisco IP Phone 8800 Series Firmware 11.0(1) Cisco 8800 phones with software 11.0(1) do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leveraging shell access, aka Bug ID CSCuz03014. | 6.2 |
| 2016-06-23 | CVE-2016-1434 | Improper Input Validation vulnerability in Cisco IP Phone 8800 Series Firmware 11.0(1) The license-certificate upload functionality on Cisco 8800 phones with software 11.0(1) allows remote authenticated users to delete arbitrary files via an invalid file, aka Bug ID CSCuz03010. | 4.0 |