Cisco Unified Ip Phones 9900 Series Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Unified Ip Phones 9900 Series Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2015-4226 — CVSS 7.1 (high): The packet-storing feature on Cisco 9900 phones with firmware 9.3(2) does not properly support the RTP protocol, which allows remote…
CVE-2013-5533 — CVSS 6.0 (medium): The image-upgrade functionality on Cisco 9900 Unified IP phones allows local users to gain privileges by placing shell commands in an…
CVE-2014-0658 — CVSS 5.4 (medium): Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID…
CVE-2015-0602 — CVSS 5.0 (medium): The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to obtain sensitive…
CVE-2015-0600 — CVSS 5.0 (medium): The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to cause a denial of…
CVE-2013-5532 — CVSS 5.0 (medium): Buffer overflow in the web-application interface on Cisco 9900 IP phones allows remote attackers to cause a denial of service (webapp…
CVE-2013-3426 — CVSS 5.0 (medium): The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files…
CVE-2015-0603 — CVSS 4.6 (medium): Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified files, which allows local users to…