Details of VAR-202307-1789

ID

VAR-202307-1789

CVE

CVE-2023-20218

TITLE

Cisco Small Business SPA500 Series IP Phones HTML Injection Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2023-61393

DESCRIPTION

A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to to modify a web page in the context of a user's browser. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to alter the contents of a web page to redirect the user to potentially malicious websites, or the attacker could use this vulnerability to conduct further client-side attacks. Cisco will not release software updates that address this vulnerability. {{value}} ["%7b%7bvalue%7d%7d"])}]]. Cisco Small Business SPA500 Series IP Phones is a SPA500 series IP phone of Cisco (Cisco). For more information about these vulnerabilities, see the Details section of this advisory. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-spa-web-multi-7kvPmu2F

Trust: 1.53

sources: NVD: CVE-2023-20218 // CNVD: CNVD-2023-61393 // VULMON: CVE-2023-20218

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2023-61393

AFFECTED PRODUCTS

vendor:	cisco	model:	spa508g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	spa502g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	spa500ds	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	spa525g2	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	spa500s	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	spa514g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	spa501g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	spa525g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	spa509g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	spa525	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	spa504g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	spa512g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	small business spa500 series ip phones	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2023-61393 // NVD: CVE-2023-20218

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2023-20218
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2023-20218
value:	MEDIUM
Trust: 1.0
CNVD:	CNVD-2023-61393
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202307-1768
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2023-61393
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2023-20218
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	2.7
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2023-20218
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2023-61393 // CNNVD: CNNVD-202307-1768 // NVD: CVE-2023-20218 // NVD: CVE-2023-20218

PROBLEMTYPE DATA

problemtype:	CWE-80	Trust: 1.0
problemtype:	CWE-79	Trust: 1.0

sources: NVD: CVE-2023-20218

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202307-1768

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-202307-1768

PATCH

title:	Patch for Cisco Small Business SPA500 Series IP Phones HTML Injection Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/449301	Trust: 0.6
title:	Cisco Small Business SPA500 Series IP Phones Fixes for cross-site scripting vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=246935	Trust: 0.6
title:	Cisco: Cisco Small Business SPA500 Series IP Phones Web UI Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-spa-web-multi-7kvPmu2F	Trust: 0.1

sources: CNVD: CNVD-2023-61393 // VULMON: CVE-2023-20218 // CNNVD: CNNVD-202307-1768

EXTERNAL IDS

db:	NVD	id:	CVE-2023-20218	Trust: 2.3
db:	CNVD	id:	CNVD-2023-61393	Trust: 0.6
db:	AUSCERT	id:	ESB-2023.4103	Trust: 0.6
db:	CNNVD	id:	CNNVD-202307-1768	Trust: 0.6
db:	VULMON	id:	CVE-2023-20218	Trust: 0.1

sources: CNVD: CNVD-2023-61393 // VULMON: CVE-2023-20218 // CNNVD: CNNVD-202307-1768 // NVD: CVE-2023-20218

REFERENCES

url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-spa-web-multi-7kvpmu2f	Trust: 1.7
url:	https://www.auscert.org.au/bulletins/esb-2023.4103	Trust: 0.6

sources: CNVD: CNVD-2023-61393 // VULMON: CVE-2023-20218 // CNNVD: CNNVD-202307-1768 // NVD: CVE-2023-20218

SOURCES

db:	CNVD	id:	CNVD-2023-61393
db:	VULMON	id:	CVE-2023-20218
db:	CNNVD	id:	CNNVD-202307-1768
db:	NVD	id:	CVE-2023-20218

LAST UPDATE DATE

2024-08-14T15:15:54.925000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2023-61393	date:	2023-08-07T00:00:00
db:	CNNVD	id:	CNNVD-202307-1768	date:	2023-07-24T00:00:00
db:	NVD	id:	CVE-2023-20218	date:	2024-01-25T17:15:37.867

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2023-61393	date:	2023-08-07T00:00:00
db:	CNNVD	id:	CNNVD-202307-1768	date:	2023-07-20T00:00:00
db:	NVD	id:	CVE-2023-20218	date:	2023-08-03T22:15:11.770