Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Spa5x5_firmware
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-02-25 | CVE-2019-1683 | A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of a Transport Level Security (TLS)-encrypted Session Initiation Protocol (SIP) conversation. The vulnerability is due to the improper validation of server certificates. An attacker could exploit this vulnerability by crafting a malicious server certificate to present to the client. An exploit could... | Spa112_firmware, Spa500_firmware, Spa500ds_firmware, Spa500s_firmware, Spa501g_firmware, Spa502g_firmware, Spa504g_firmware, Spa508g_firmware, Spa509g_firmware, Spa512g_firmware, Spa514g_firmware, Spa525_firmware, Spa525g_firmware, Spa5x5_firmware | 7.4 |