SPA300 Series IP Phones

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2017-12271	Cisco Systems, Inc. Spa300 Firmware	Hig	0.57	8.8	0.01		Oct 19, 2017	A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this…
CVE-2017-12219	Cisco Systems, Inc. Spa300 Firmware	Hig	0.49	7.5	0.03		Sep 21, 2017	A vulnerability in the handling of IP fragments for the Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. The…

CVE-2017-12271HigOct 19, 2017
Cisco Systems, Inc.
Spa300 Firmware
risk 0.57cvss 8.8epss 0.01
A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this…
CVE-2017-12219HigSep 21, 2017
Cisco Systems, Inc.
Spa300 Firmware
risk 0.49cvss 7.5epss 0.03
A vulnerability in the handling of IP fragments for the Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. The…