Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 3 |
CVE-ID | CVE-2024-20357 CVE-2024-20376 CVE-2024-20378 |
CWE-ID | CWE-611 CWE-20 CWE-305 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
IP Phone 6800 Series with Multiplatform Firmware Other software / Other software solutions IP Phone 7800 Series with Multiplatform Firmware Other software / Other software solutions Cisco IP Phone 8800 Series with Multiplatform Firmware Hardware solutions / Office equipment, IP-phones, print servers Video Phone 8875 in Multiplatform Mode Hardware solutions / Office equipment, IP-phones, print servers |
Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU89097
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20357
CWE-ID:
CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to initiate phone calls on the target device.
The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can pass a specially crafted XML code to the affected application and initiate calls or play sounds on the target device.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIP Phone 6800 Series with Multiplatform Firmware: 12.0.4
IP Phone 7800 Series with Multiplatform Firmware: 12.0.4
Cisco IP Phone 8800 Series with Multiplatform Firmware: 12.0.4
Video Phone 8875 in Multiplatform Mode: 2.3.1.001
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89098
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20376
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in the web-based management interface. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIP Phone 6800 Series with Multiplatform Firmware: 12.0.4
IP Phone 7800 Series with Multiplatform Firmware: 12.0.4
Cisco IP Phone 8800 Series with Multiplatform Firmware: 12.0.4
Video Phone 8875 in Multiplatform Mode: 2.3.1.001
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89099
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-20378
CWE-ID:
CWE-305 - Authentication Bypass by Primary Weakness
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a lack of authentication for specific endpoints of the web-based management interface. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIP Phone 6800 Series with Multiplatform Firmware: 12.0.4
IP Phone 7800 Series with Multiplatform Firmware: 12.0.4
Cisco IP Phone 8800 Series with Multiplatform Firmware: 12.0.4
Video Phone 8875 in Multiplatform Mode: 2.3.1.001
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.