SPA300

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2016-1469	Cisco Systems, Inc. SPA300	Hig	0.49	7.5	0.02		Sep 12, 2016	The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385.
CVE-2015-0670	Cisco Systems, Inc. Spa 502g 1 Line IP Phone		0.00	—	0.02		Mar 21, 2015	The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls via a crafted XML request, aka Bug ID CSCuo52482.

CVE-2016-1469HigSep 12, 2016
Cisco Systems, Inc.
SPA300
risk 0.49cvss 7.5epss 0.02
The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385.
CVE-2015-0670Mar 21, 2015
Cisco Systems, Inc.
Spa 502g 1 Line IP Phone
risk 0.00cvss —epss 0.02
The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls via a crafted XML request, aka Bug ID CSCuo52482.