Unified IP 9900

CVEs (11)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2015-0602	Cisco Systems, Inc. Unified IP 9900	—	0.00	Feb 7, 2015	The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to obtain sensitive information by sniffing the network, aka Bug ID CSCuq12117.
CVE-2015-0600	Cisco Systems, Inc. Unified IP 9900	—	0.01	Feb 7, 2015	The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to cause a denial of service (logoff) via crafted packets, aka Bug ID CSCuq12139.
CVE-2015-0604	Cisco Systems, Inc. Unified IP 9900	—	0.00	Feb 7, 2015	The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424.
CVE-2015-0603	Cisco Systems, Inc. Unified IP 9900	—	0.00	Feb 7, 2015	Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified files, which allows local users to cause a denial of service (persistent hang or reboot) by writing to a phone's filesystem, aka Bug ID CSCup90474.
CVE-2015-0601	Cisco Systems, Inc. Unified IP 9900	—	0.00	Feb 7, 2015	Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allow local users to cause a denial of service (device reload) via crafted commands, aka Bug ID CSCup92790.
CVE-2014-0658	Cisco Systems, Inc. Unified IP Phones 9900 Series Firmware	—	0.02	Jan 10, 2014	Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID CSCul24898.
CVE-2013-5533	Cisco Systems, Inc. Unified IP Phones 9900 Series Firmware	—	0.00	Oct 11, 2013	The image-upgrade functionality on Cisco 9900 Unified IP phones allows local users to gain privileges by placing shell commands in an unspecified parameter, aka Bug ID CSCuh10334.
CVE-2012-1328	Cisco Systems, Inc. Unified IP Phone Firmware	—	0.00	May 3, 2012	Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via unspecified injected data, aka Bug ID CSCts32237.
CVE-2011-1637	Cisco Systems, Inc. Skinny Client Control Protocol Software	—	0.00	Jun 2, 2011	Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 do not properly verify signatures for software images, which allows local users to gain privileges via a crafted image, aka Bug ID CSCtn65962.
CVE-2011-1603	Cisco Systems, Inc. Skinny Client Control Protocol Software	—	0.00	Jun 2, 2011	Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 allow local users to gain privileges via unspecified vectors, aka Bug ID CSCtn65815.
CVE-2011-1602	Cisco Systems, Inc. Skinny Client Control Protocol Software	—	0.00	Jun 2, 2011	The su utility on Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.0.3 allows local users to gain privileges via unspecified vectors, aka Bug ID CSCtf07426.

CVE-2015-0602Feb 7, 2015
Cisco Systems, Inc.
Unified IP 9900
risk 0.00cvss —epss 0.00
The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to obtain sensitive information by sniffing the network, aka Bug ID CSCuq12117.
CVE-2015-0600Feb 7, 2015
Cisco Systems, Inc.
Unified IP 9900
risk 0.00cvss —epss 0.01
The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to cause a denial of service (logoff) via crafted packets, aka Bug ID CSCuq12139.
CVE-2015-0604Feb 7, 2015
Cisco Systems, Inc.
Unified IP 9900
risk 0.00cvss —epss 0.00
The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424.
CVE-2015-0603Feb 7, 2015
Cisco Systems, Inc.
Unified IP 9900
risk 0.00cvss —epss 0.00
Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified files, which allows local users to cause a denial of service (persistent hang or reboot) by writing to a phone's filesystem, aka Bug ID CSCup90474.
CVE-2015-0601Feb 7, 2015
Cisco Systems, Inc.
Unified IP 9900
risk 0.00cvss —epss 0.00
Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allow local users to cause a denial of service (device reload) via crafted commands, aka Bug ID CSCup92790.
CVE-2014-0658Jan 10, 2014
Cisco Systems, Inc.
Unified IP Phones 9900 Series Firmware
risk 0.00cvss —epss 0.02
Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID CSCul24898.
CVE-2013-5533Oct 11, 2013
Cisco Systems, Inc.
Unified IP Phones 9900 Series Firmware
risk 0.00cvss —epss 0.00
The image-upgrade functionality on Cisco 9900 Unified IP phones allows local users to gain privileges by placing shell commands in an unspecified parameter, aka Bug ID CSCuh10334.
CVE-2012-1328May 3, 2012
Cisco Systems, Inc.
Unified IP Phone Firmware
risk 0.00cvss —epss 0.00
Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via unspecified injected data, aka Bug ID CSCts32237.
CVE-2011-1637Jun 2, 2011
Cisco Systems, Inc.
Skinny Client Control Protocol Software
risk 0.00cvss —epss 0.00
Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 do not properly verify signatures for software images, which allows local users to gain privileges via a crafted image, aka Bug ID CSCtn65962.
CVE-2011-1603Jun 2, 2011
Cisco Systems, Inc.
Skinny Client Control Protocol Software
risk 0.00cvss —epss 0.00
Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 allow local users to gain privileges via unspecified vectors, aka Bug ID CSCtn65815.
CVE-2011-1602Jun 2, 2011
Cisco Systems, Inc.
Skinny Client Control Protocol Software
risk 0.00cvss —epss 0.00
The su utility on Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.0.3 allows local users to gain privileges via unspecified vectors, aka Bug ID CSCtf07426.