Vulnerabilities > Cisco > Small Business IP Phone
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-19 | CVE-2017-12259 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Small Business IP Phone Firmware A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. | 5.0 |
| 2012-05-02 | CVE-2012-0333 | Improper Authentication vulnerability in Cisco products Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and earlier do not require authentication for Push XML requests, which allows remote attackers to make telephone calls via an XML document, aka Bug ID CSCts08768. | 5.0 |