Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.3
CVSSv3

CVE-2020-3360

Published: 18/06/2020 Updated: 06/08/2021
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Unified Ip Phone 6901 Firmware

Vulnerability Summary

A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote malicious user to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the malicious user to bypass access restrictions. A successful attack could allow the malicious user to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco unified_ip_phone_6901_firmware

cisco unified_ip_phone_6961_firmware

cisco unified_ip_phone_6945_firmware

cisco unified_ip_phone_6941_firmware

cisco unified_ip_phone_6921_firmware

cisco unified_ip_phone_6911_firmware

cisco unified_ip_phone_7832_firmware

cisco unified_ip_phone_7861_firmware

cisco unified_ip_phone_7841_firmware

cisco unified_ip_phone_7821_firmware

cisco unified_ip_phone_7811_firmware

cisco unified_ip_phone_7937g_firmware

cisco unified_ip_phone_7975g_firmware

cisco unified_ip_phone_7965g_firmware

cisco unified_ip_phone_7962g_firmware

cisco unified_ip_phone_7961g_firmware

cisco unified_ip_phone_7960g_firmware

cisco unified_ip_phone_7945g_firmware

cisco unified_ip_phone_7942g_firmware

cisco unified_ip_phone_7941g_firmware

cisco unified_ip_phone_7940g_firmware

cisco unified_ip_phone_7931g_firmware

cisco unified_ip_phone_7911g_firmware

cisco unified_ip_phone_7906g_firmware

cisco unified_ip_phone_8811_firmware

cisco unified_ip_phone_8841_firmware

cisco unified_ip_phone_8845_firmware

cisco unified_ip_phone_8851_firmware

cisco unified_ip_phone_8851nr_firmware

cisco unified_ip_phone_8861_firmware

cisco unified_ip_phone_8865_firmware

cisco unified_ip_phone_8865nr_firmware

cisco unified_ip_phone_8961_firmware

cisco unified_ip_phone_8945_firmware

cisco unified_ip_phone_8941_firmware

cisco unified_ip_phone_9971_firmware

cisco unified_ip_phone_9951_firmware

Vendor Advisories

Cisco: Cisco IP Phones Call Log Information Disclosure Vulnerability
A vulnerability in the Web Access feature of Cisco IP Phones could allow an unauthenticated, remote attacker to view sensitive information on an affected device The vulnerability is due to improper access controls on the web-based management interface of an affected device An attacker could exploit this vulnerability by sending malicious requests ...

References

CWE-863https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExMhttps://nvd.nist.govhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907hardcodedinjectCVE-2024-20359CVE-2024-2467CVE-2024-4077CVE-2024-22391cameraCVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook