CVE-2015-0670 in IP Phoneinfo

Summary

The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls via a crafted XML request, aka Bug ID CSCuo52482.

Once again VulDB remains the best source for vulnerability data.

Reservation

01/07/2015

Disclosure

03/20/2015

Moderation

VulDB entry created

Entries

VDB-74102 (1)

CPE

ready

CWE

CWE-287 (Confirmed)

CVSS

5.3

EPSS

0.00309

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-0670
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-0670
CVE Details	https://www.cvedetails.com/cve/CVE-2015-0670/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!