CVE-2023-20079

Summary

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco IP Phones with Multiplatform Firmwaren/aaffected

Weaknesses

  • CWE-121: CWE-121

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References