Cisco » Unified Ip Phones 9900 Series Firmware : Security Vulnerabilities, CVEs, (Denial of service)
The packet-storing feature on Cisco 9900 phones with firmware 9.3(2) does not properly support the RTP protocol, which allows remote attackers to cause a denial of service (device hang) by sending malformed RTP packets after a call is answered, aka Bug ID CSCur39976.
Max CVSS
7.1
EPSS Score
0.26%
Published
2015-06-30
Updated
2017-01-04
Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified files, which allows local users to cause a denial of service (persistent hang or reboot) by writing to a phone's filesystem, aka Bug ID CSCup90474.
Max CVSS
4.6
EPSS Score
0.04%
Published
2015-02-07
Updated
2017-09-08
The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to cause a denial of service (logoff) via crafted packets, aka Bug ID CSCuq12139.
Max CVSS
5.0
EPSS Score
0.49%
Published
2015-02-07
Updated
2017-09-08
Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID CSCul24898.
Max CVSS
5.4
EPSS Score
1.17%
Published
2014-01-10
Updated
2017-08-29
Buffer overflow in the web-application interface on Cisco 9900 IP phones allows remote attackers to cause a denial of service (webapp interface outage) via long values in unspecified fields, aka Bug ID CSCuh10343.
Max CVSS
5.0
EPSS Score
0.35%
Published
2013-10-11
Updated
2016-09-22
5 vulnerabilities found