Published: 12/09/2016 Updated: 27/06/2023

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote malicious users to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco spa300_firmware
cisco spa500_firmware

A vulnerability in the HTTP framework of Cisco Small Business SPA300 Series IP Phones, Cisco Small Business SPA500 Series IP Phones, and Cisco SPA51x IP Phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device The vulnerability is due to incorrect handling of malformed HTTP traffic ...

CWE-399 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-spa http://www.securityfocus.com/bid/92706 http://www.securitytracker.com/id/1036717 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-spa

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-1469

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect