PT-2024-7338 · Cisco · Cisco Ata 190 Series Analog Telephone Adapter
Zack Sanchez
·
Published
2024-10-16
·
Updated
2024-10-31
·
CVE-2024-20463
CVSS v2.0
8.5
High
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:C |
Name of the Vulnerable Software and Affected Versions:
Cisco ATA 190 Series Analog Telephone Adapter (affected versions not specified)
Description:
The issue is related to a vulnerability in the web-based management interface of the Cisco ATA 190 Series Analog Telephone Adapter firmware. This vulnerability allows an unauthenticated, remote attacker to modify the configuration or reboot an affected device by sending a malicious request to the web-based management interface. The vulnerability is due to the HTTP server allowing state changes in GET requests, which could result in a denial of service (DoS) condition.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cisco Ata 190 Series Analog Telephone Adapter