Vulnerabilities > Cisco > Spa122 Firmware > 1.4.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-16 | CVE-2019-15244 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Spa112 Firmware and Spa122 Firmware Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. | 5.2 |
| 2019-10-16 | CVE-2019-15243 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Spa112 Firmware and Spa122 Firmware Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. | 5.2 |
| 2019-10-16 | CVE-2019-15242 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Spa112 Firmware and Spa122 Firmware Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. | 5.2 |
| 2019-10-16 | CVE-2019-15241 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Spa112 Firmware and Spa122 Firmware Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. | 5.2 |
| 2019-10-16 | CVE-2019-15240 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Spa112 Firmware and Spa122 Firmware Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. | 5.2 |
| 2019-10-16 | CVE-2019-12708 | Information Exposure vulnerability in Cisco Spa112 Firmware and Spa122 Firmware A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affected device. | 4.0 |
| 2019-10-16 | CVE-2019-12704 | Path Traversal vulnerability in Cisco Spa112 Firmware and Spa122 Firmware A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to view the contents of arbitrary files on an affected device. | 4.0 |
| 2019-10-16 | CVE-2019-12703 | Cross-site Scripting vulnerability in Cisco Spa122 Firmware 1.4.1 A vulnerability in the web-based management interface of Cisco SPA122 ATA with Router Devices could allow an unauthenticated, adjacent attacker to conduct cross-site scripting attacks. | 2.9 |
| 2019-10-16 | CVE-2019-12702 | Cross-site Scripting vulnerability in Cisco Spa112 Firmware and Spa122 Firmware A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to conduct cross-site scripting attacks. | 3.5 |