ID

VAR-202303-0475


CVE

CVE-2023-20078


TITLE

Out-of-bounds write vulnerability in multiple Cisco Systems products

Trust: 0.8

sources: JVNDB: JVNDB-2023-003782

DESCRIPTION

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. Multiple Cisco Systems products, including IP Phone 6871 firmware, IP Phone 6861 firmware, and IP Phone 6851 firmware, contain out-of-bounds write vulnerabilities. Information may be obtained or tampered with, and service operation may be interrupted, leaving the device in a denial of service (DoS) state.

Trust: 1.71

sources: NVD: CVE-2023-20078 // JVNDB: JVNDB-2023-003782 // VULMON: CVE-2023-20078

AFFECTED PRODUCTS

vendor: cisco, model: ip phone 6825, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 7861, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 6851, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 8861, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 6871, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 7821, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 7811, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 8851, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 8845, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 8841, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 6841, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 7841, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 8832, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 7832, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 8811, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 8865, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: cisco, model: ip phone 6861, scope: lt, version: 11.3.7sr1

Trust: 1.0

vendor: Cisco Systems, model: ip phone 8811, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 6851, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 7832, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 6861, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 8841, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 8851, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 8845, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 7841, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 8861, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 8832, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 7811, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 7821, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 8865, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 6841, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 6871, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 6825, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: ip phone 7861, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2023-003782 // NVD: CVE-2023-20078

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-20078
value: CRITICAL

Trust: 1.0

ykramarz@cisco.com: CVE-2023-20078
value: CRITICAL

Trust: 1.0

NVD: CVE-2023-20078
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202303-214
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2023-20078
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2023-20078
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-003782 // CNNVD: CNNVD-202303-214 // NVD: CVE-2023-20078 // NVD: CVE-2023-20078

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds write (CWE-787) [NVD evaluation]

Trust: 0.8

sources: JVNDB: JVNDB-2023-003782 // NVD: CVE-2023-20078

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202303-214

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202303-214

PATCH

title: cisco-sa-ip-phone-cmd-inj-KMFynVcP
url: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-cmd-inj-KMFynVcP

Trust: 0.8

title: Cisco IP Phone Buffer error vulnerability fix
url: http://123.124.177.30/web/xxk/bdxqById.tag?id=228519

Trust: 0.6

title: Cisco: Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities
url: https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ip-phone-cmd-inj-KMFynVcP

Trust: 0.1

sources: VULMON: CVE-2023-20078 // JVNDB: JVNDB-2023-003782 // CNNVD: CNNVD-202303-214

EXTERNAL IDS

db: NVD, id: CVE-2023-20078

Trust: 3.3

db: JVNDB, id: JVNDB-2023-003782

Trust: 0.8

db: AUSCERT, id: ESB-2023.1306.3

Trust: 0.6

db: CNNVD, id: CNNVD-202303-214

Trust: 0.6

db: VULMON, id: CVE-2023-20078

Trust: 0.1

sources: VULMON: CVE-2023-20078 // JVNDB: JVNDB-2023-003782 // CNNVD: CNNVD-202303-214 // NVD: CVE-2023-20078

REFERENCES

url:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ip-phone-cmd-inj-kmfynvcp

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-20078

Trust: 1.4

url:https://www.auscert.org.au/bulletins/esb-2023.1306.3

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2023-20078/

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-20078 // JVNDB: JVNDB-2023-003782 // CNNVD: CNNVD-202303-214 // NVD: CVE-2023-20078

SOURCES

db: VULMON, id: CVE-2023-20078
db: JVNDB, id: JVNDB-2023-003782
db: CNNVD, id: CNNVD-202303-214
db: NVD, id: CVE-2023-20078

LAST UPDATE DATE

2024-08-14T14:10:13.589000+00:00


SOURCES UPDATE DATE

db: VULMON, id: CVE-2023-20078, date: 2023-03-03T00:00:00
db: JVNDB, id: JVNDB-2023-003782, date: 2023-10-05T07:15:00
db: CNNVD, id: CNNVD-202303-214, date: 2023-03-14T00:00:00
db: NVD, id: CVE-2023-20078, date: 2023-11-07T04:05:58.303

SOURCES RELEASE DATE

db: VULMON, id: CVE-2023-20078, date: 2023-03-03T00:00:00
db: JVNDB, id: JVNDB-2023-003782, date: 2023-10-05T00:00:00
db: CNNVD, id: CNNVD-202303-214, date: 2023-03-03T00:00:00
db: NVD, id: CVE-2023-20078, date: 2023-03-03T16:15:10.277