cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-3360,https://securityvulnerability.io/vulnerability/CVE-2020-3360,Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability,"A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.",Cisco,Cisco Ip Phone 8800 Series Software,5.3,MEDIUM,0.001829999964684248,false,,false,false,true,2024-08-04T08:16:37.000Z,,false,false,,2020-06-18T03:15:00.000Z,0
CVE-2019-1922,https://securityvulnerability.io/vulnerability/CVE-2019-1922,Cisco IP Phone 7800 and 8800 Series Session Initiation Protocol Denial of Service Vulnerability,"A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol (SIP) packets. An attacker could exploit this vulnerability by altering the SIP replies that are sent to the affected phone during the registration process. A successful exploit could allow the attacker to cause the phone to reboot and not complete the registration process.",Cisco,Cisco Ip Phone 8800 Series Software,5.3,MEDIUM,0.0015899999998509884,false,,false,false,true,2024-08-04T19:16:18.000Z,,false,false,,2019-07-06T02:15:00.000Z,0
CVE-2019-1766,https://securityvulnerability.io/vulnerability/CVE-2019-1766,Cisco IP Phone 8800 Series File Upload Denial of Service Vulnerability,"A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not restrict the maximum size of certain files that can be written to disk. An attacker who has valid administrator credentials for an affected system could exploit this vulnerability by sending a crafted, remote connection request to an affected system. A successful exploit could allow the attacker to write a file that consumes most of the available disk space on the system, causing application functions to operate abnormally and leading to a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 12.5(1)SR1.",Cisco,Cisco Ip Phone 8800 Series Software,7.5,HIGH,0.001610000035725534,false,,false,false,true,2024-08-04T19:16:09.000Z,,false,false,,2019-03-22T20:29:00.000Z,0
CVE-2019-1684,https://securityvulnerability.io/vulnerability/CVE-2019-1684,Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability,"A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected.",Cisco,Cisco Ip Phone 8800 Series Software,6.5,MEDIUM,0.0005499999970197678,false,,false,false,true,2024-08-04T19:16:04.000Z,,false,false,,2019-02-21T20:29:00.000Z,0
CVE-2018-0461,https://securityvulnerability.io/vulnerability/CVE-2018-0461,Cisco IP Phone 8800 Series Arbitrary Script Injection Vulnerability,"A vulnerability in the Cisco IP Phone 8800 Series Software could allow an unauthenticated, remote attacker to conduct an arbitrary script injection attack on an affected device. The vulnerability exists because the software running on an affected device insufficiently validates user-supplied data. An attacker could exploit this vulnerability by persuading a user to click a malicious link provided to the user or through the interface of an affected device. A successful exploit could allow an attacker to execute arbitrary script code in the context of the user interface or access sensitive system-based information, which under normal circumstances should be prohibited.",Cisco,Cisco Ip Phone 8800 Series Software,6.5,MEDIUM,0.0020099999383091927,false,,false,false,true,2024-08-05T04:15:22.000Z,,false,false,,2019-01-10T16:29:00.000Z,0