Cisco Video Phone 8875 up to 14.2(1)SR3 Session Initiation Protocol information disclosure

Summaryinfo

A vulnerability marked as problematic has been reported in Cisco Desk Phone 9800, IP Phone 7800, IP Phone 8800 and Video Phone 8875. This affects an unknown part of the component Session Initiation Protocol Handler. Performing a manipulation results in information disclosure. This vulnerability is cataloged as CVE-2024-20445. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.

Detailsinfo

A vulnerability classified as problematic has been found in Cisco Desk Phone 9800, IP Phone 7800, IP Phone 8800 and Video Phone 8875. This affects an unknown code of the component Session Initiation Protocol Handler. The manipulation with an unknown input leads to a information disclosure vulnerability. CWE is classifying the issue as CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. This is going to have an impact on confidentiality. The summary by CVE is:

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive information within the web UI of Session Initiation Protocol (SIP)-based phone loads. An attacker could exploit this vulnerability by browsing to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information, including incoming and outgoing call records. Note: Web Access is disabled by default.

The advisory is shared at sec.cloudapps.cisco.com. This vulnerability is uniquely identified as CVE-2024-20445 since 11/08/2023. The exploitability is told to be easy. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. Neither technical details nor an exploit are publicly available. MITRE ATT&CK project uses the attack technique T1592 for this issue.

The vulnerability scanner Nessus provides a plugin with the ID 211466 (Cisco IP Phones Information Disclosure (cisco-sa-phone-infodisc-sbyqQVbG)), which helps to determine the existence of the flaw in a target environment.

Upgrading eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at Tenable (211466). Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Type

• IP Phone Software

Vendor

• Cisco

Name

• Desk Phone 9800
• IP Phone 7800
• IP Phone 8800
• Video Phone 8875

Version

• 3.0(1)
• 3.1(1)
• 3.1(1)SR1
• 9.3(3)
• 9.3(4) 3rd Party
• 9.3(4)SR1 3rd Party
• 9.3(4)SR2 3rd Party
• 9.3(4)SR3 3rd Party
• 10.1(1)SR1
• 10.1(1)SR2
• 10.1(1.9)
• 10.2(1)
• 10.2(1)SR1
• 10.2(2)
• 10.3(1)
• 10.3(1)SR1
• 10.3(1)SR2
• 10.3(1)SR3
• 10.3(1)SR4
• 10.3(1)SR4b
• 10.3(1)SR5
• 10.3(1)SR6
• 10.3(1)SR7
• 10.3(1.9) 3rd Party
• 10.3(1.11) 3rd Party
• 10.3(2)
• 10.4(1) 3rd Party
• 10.4(1)SR2 3rd Party
• 11-0-1MSR1-1
• 11.0(0.7) MPP
• 11.0(1)
• 11.5(1)
• 11.5(1)SR1
• 11.7(1)
• 12.0(1)
• 12.0(1)SR1
• 12.0(1)SR2
• 12.0(1)SR3
• 12.1(1)
• 12.1(1)SR1
• 12.5(1)
• 12.5(1)SR1
• 12.5(1)SR2
• 12.5(1)SR3
• 12.6(1)
• 12.6(1)SR1
• 12.7(1)
• 12.7(1)SR1
• 12.8(1)
• 12.8(1)SR1
• 12.8(1)SR2
• 14.0(1)
• 14.0(1)SR1
• 14.0(1)SR2
• 14.0(1)SR3
• 14.1(1)
• 14.1(1)SR1
• 14.1(1)SR2
• 14.1(1)SR3
• 14.2(1)
• 14.2(1)SR1
• 14.2(1)SR2
• 14.2(1)SR3

License

• commercial

Website

• Vendor: https://www.cisco.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Discussion