Skip to main content

Spa 508G 8 Line Ip Phone

3 CVEs product

Monthly

CVE-2015-0670 MEDIUM This Month

The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Spa500 Firmware Spa 501G 8 Line Ip Phone Spa 502G 1 Line Ip Phone +12
NVD
CVSS 2.0
6.4
EPSS
0.3%
CVE-2014-3313 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web user interface on Cisco Small Business SPA300 and SPA500 phones allows remote attackers to inject arbitrary web script or HTML via a crafted URL,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Spa 301 1 Line Ip Phone Spa 303 3 Line Ip Phone Spa 501G 8 Line Ip Phone +13
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2014-3312 MEDIUM This Month

The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or. Rated medium severity (CVSS 6.9). No vendor patch available.

Cisco Authentication Bypass Spa 301 1 Line Ip Phone Spa 303 3 Line Ip Phone Spa 501G 8 Line Ip Phone +13
NVD
CVSS 2.0
6.9
EPSS
0.1%
EPSS 0% CVSS 6.4
MEDIUM This Month

The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Spa500 Firmware +14
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web user interface on Cisco Small Business SPA300 and SPA500 phones allows remote attackers to inject arbitrary web script or HTML via a crafted URL,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Spa 301 1 Line Ip Phone +15
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or. Rated medium severity (CVSS 6.9). No vendor patch available.

Cisco Authentication Bypass Spa 301 1 Line Ip Phone +15
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy