Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905

cisco-sa-20140219-phone · Critical · Published · Updated

A vulnerability in the Cisco Unified SIP Phone 3905 could allow an unauthenticated, remote attacker to gain root-level access to an affected device. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-phone

Cisco advisory · CSAF JSON

Workarounds

Workarounds that mitigate this vulnerability are not available. 

Mitigations that can be deployed on Cisco devices within the network are available in the Applied Mitigation Bulletin at the following link: Mitigation and Identification of the Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905["http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=32559"].

CVEsCVE-2014-0721
Cisco Bug IDsCSCuh75574
CVSS ScoreBase 10.0
Base 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C
Product Names From Source
Cisco Unified SIP Phone 3900 Series Firmware

Related Products

Product CVE Evidence
Cisco Unified SIP Phone 3900 Series Firmware CVE-2014-0721 Cisco OpenVuln