Vulnerabilities > Cisco > IP Phone 8851 With Multiplatform Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-16 | CVE-2023-20221 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. | 6.5 |
2021-07-22 | CVE-2021-33478 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. | 6.8 |
2020-02-05 | CVE-2020-3111 | Improper Input Validation vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. | 8.8 |