Cleartext storage of sensitive information in Cisco IP Phones



Published: 2022-01-24
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2022-20660
CWE-ID CWE-312
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		Cisco Unified IP Conference Phone 8831
Hardware solutions / Office equipment, IP-phones, print servers

Cisco Unified IP Conference Phone 8831 for Third-Party Call Control
Hardware solutions / Office equipment, IP-phones, print servers

Unified IP Phone 7945G
Hardware solutions / Office equipment, IP-phones, print servers

Unified IP Phone 7965G
Hardware solutions / Office equipment, IP-phones, print servers

Unified IP Phone 7975G
Hardware solutions / Office equipment, IP-phones, print servers

Cisco IP Conference Phone 7832
Hardware solutions / Office equipment, IP-phones, print servers

Cisco IP Conference Phone 8832
Hardware solutions / Office equipment, IP-phones, print servers

Cisco IP Phone 7811
Hardware solutions / Office equipment, IP-phones, print servers

Cisco IP Phone 7821
Hardware solutions / Office equipment, IP-phones, print servers

Cisco IP Phone 7841
Hardware solutions / Office equipment, IP-phones, print servers

Cisco IP Phone 7861
Hardware solutions / Office equipment, IP-phones, print servers

Cisco IP Phone 8811
Hardware solutions / Office equipment, IP-phones, print servers

Cisco IP Phone 8841
Hardware solutions / Office equipment, IP-phones, print servers

Cisco IP Phone 8845
Hardware solutions / Office equipment, IP-phones, print servers

Cisco IP Phone 8851
Hardware solutions / Office equipment, IP-phones, print servers

Unified SIP Phone 3905
Hardware solutions / Office equipment, IP-phones, print servers

Cisco Wireless IP Phone 8821
Hardware solutions / Office equipment, IP-phones, print servers

Cisco Wireless IP Phone 8821-EX
Hardware solutions / Office equipment, IP-phones, print servers

Cisco IP Phone 8861
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco IP Phone 8865
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor Cisco Systems, Inc

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Cleartext storage of sensitive information

EUVDB-ID: #VU59961

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-20660

CWE-ID: CWE-312 - Cleartext Storage of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists due to unencrypted storage of confidential information. An attacker with physical access can obtain confidential information from the device.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco Unified IP Conference Phone 8831: All versions

Cisco Unified IP Conference Phone 8831 for Third-Party Call Control: All versions

Unified IP Phone 7945G : All versions

Unified IP Phone 7965G : All versions

Unified IP Phone 7975G : All versions

Cisco IP Conference Phone 7832: before 14.1(1)

Cisco IP Conference Phone 8832: before 14.1(1)

Cisco IP Phone 7811: before 14.1(1)

Cisco IP Phone 7821: before 14.1(1)

Cisco IP Phone 7841: before 14.1(1)

Cisco IP Phone 7861: before 14.1(1)

Cisco IP Phone 8811: before 14.1(1)

Cisco IP Phone 8841: before 14.1(1)

Cisco IP Phone 8845: before 14.1(1)

Cisco IP Phone 8851: before 14.1(1)

Cisco IP Phone 8861: before 14.1(1)

Cisco IP Phone 8865: before 14.1(1)

Unified SIP Phone 3905: before 9.4(1)SR5

Cisco Wireless IP Phone 8821: before 11.0(6)Sr2

Cisco Wireless IP Phone 8821-EX: before 11.0(6)SR2

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA
http://seclists.org/fulldisclosure/2022/Jan/34
http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###