PT-2014-3785 · Cisco · Cisco Unified Sip Phone 3905

Published

2014-02-22

Updated

2014-03-06

CVE-2014-0721

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco Unified SIP Phone 3905 versions prior to 9.4(1)

Description The issue allows remote attackers to obtain root access via a session on the test interface on TCP port 7870.

Recommendations For versions prior to 9.4(1), update to version 9.4(1) or later to resolve the issue. As a temporary workaround, consider restricting access to TCP port 7870 to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2014-0721

Affected Products

Cisco Unified Sip Phone 3905

PT-2014-3785 · Cisco · Cisco Unified Sip Phone 3905

CVE-2014-0721

Weakness Enumeration

Related Identifiers

Affected Products

References · 2