Product:

Spa942_4\-Line_ip_phone_with_2\-Port_switch

(Cisco)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 2
Date Id Summary Products Score Patch Annotated
2014-07-09 CVE-2014-3313 Cross-site scripting (XSS) vulnerability in the web user interface on Cisco Small Business SPA300 and SPA500 phones allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuo52582. Spa901_1\-Line_ip_phone, Spa922_1\-Line_ip_phone_with_1\-Port_ethernet, Spa941_4\-Line_ip_phone_with_1\-Port_ethernet, Spa942_4\-Line_ip_phone_with_2\-Port_switch, Spa962_6\-Line_ip_phone_with_2\-Port_switch, Spa_301_1_line_ip_phone, Spa_303_3_line_ip_phone, Spa_501g_8\-Line_ip_phone, Spa_502g_1\-Line_ip_phone, Spa_504g_4\-Line_ip_phone, Spa_508g_8\-Line_ip_phone, Spa_509g_12\-Line_ip_phone, Spa_512g_1\-Line_ip_phone, Spa_514g_4\-Line_ip_phone, Spa_525g2_5\-Line_ip_phone, Spa_525g_5\-Line_ip_phone N/A
2014-07-09 CVE-2014-3312 The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface, aka Bug ID CSCun77435. Spa901_1\-Line_ip_phone, Spa922_1\-Line_ip_phone_with_1\-Port_ethernet, Spa941_4\-Line_ip_phone_with_1\-Port_ethernet, Spa942_4\-Line_ip_phone_with_2\-Port_switch, Spa962_6\-Line_ip_phone_with_2\-Port_switch, Spa_301_1_line_ip_phone, Spa_303_3_line_ip_phone, Spa_501g_8\-Line_ip_phone, Spa_502g_1\-Line_ip_phone, Spa_504g_4\-Line_ip_phone, Spa_508g_8\-Line_ip_phone, Spa_509g_12\-Line_ip_phone, Spa_512g_1\-Line_ip_phone, Spa_514g_4\-Line_ip_phone, Spa_525g2_5\-Line_ip_phone, Spa_525g_5\-Line_ip_phone N/A