漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
Cisco IP Phone 8800 Series Authorization Bypass Vulnerability
漏洞信息
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to critical services and cause a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected.
漏洞信息
N/A
漏洞
访问控制不恰当
漏洞
Cisco IP Phone 8800 Series Session Initiation Protocol软件访问控制错误漏洞
漏洞信息
Cisco IP Phone 8800 Series是美国思科(Cisco)公司的一款8800系列的IP电话。Session Initiation Protocol(SIP)Software是其中的一款会话发起协议软件。 Cisco IP Phone 8800 Series中的SIP软件的基于Web的管理界面存在访问控制错误漏洞,该漏洞源于程序在处理请求之前没有过滤URLs。远程攻击者可通过提交特制的URL利用该漏洞绕过授权,使用重要的服务功能并造成拒绝服务。以下产品受到影响:Cisco Wireless
漏洞信息
N/A
漏洞
N/A