Vulnerabilities > Cisco > IP Phone 8831 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-01-20 CVE-2023-20018 Incorrect Authorization vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to insufficient validation of user-supplied input.
network
low complexity
cisco CWE-863
6.5
2021-10-06 CVE-2021-34711 Path Traversal vulnerability in Cisco products
A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system.
local
low complexity
cisco CWE-22
5.5
2020-01-26 CVE-2019-16008 Cross-site Scripting vulnerability in Cisco products
A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system.
network
low complexity
cisco CWE-79
5.4