CVE-2015-0604
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD
Description
The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424.
Affected (2)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 9.4(.1) |
| Running on/with | Platform Versions |
|---|---|
Cisco Unified Ip Phone 9971 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 9.4(.1) |
| Running on/with | Platform Versions |
|---|---|
Cisco Unified Ip Phone 9951 | All versions |
References (10)
Source: psirt@cisco.com
Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.