Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IP Phone 7800, 8800, and 9800 Series Information Disclosure Vulnerability
Vulnerability Description
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive information within the web UI of Session Initiation Protocol (SIP)-based phone loads. An attacker could exploit this vulnerability by browsing to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information, including incoming and outgoing call records. Note: Web Access is disabled by default.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
信息暴露
Vulnerability Title
Cisco IP Phone 信息泄露漏洞
Vulnerability Description
Cisco IP Phone是美国思科(Cisco)公司的一个硬件设备。提供通话功能的IP电话。 Cisco IP Phone存在信息泄露漏洞,该漏洞源于基于会话初始协议(SIP)的电话负载的Web UI中敏感信息存储不当。未经身份验证的远程攻击者访问受影响设备上的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A