CVE-2024-20357

None

Description

A vulnerability in the XML service of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to initiate phone calls on an affected device. This vulnerability exists because bounds-checking does not occur while parsing XML requests. An attacker could exploit this vulnerability by sending a crafted XML request to an affected device. A successful exploit could allow the attacker to initiate calls or play sounds on the device.

INFO

Published Date :

2024-05-01T16:36:53.907Z

Last Modified :

2024-08-01T21:59:42.103Z

Source :

cisco

AFFECTED PRODUCTS

The following products are affected by CVE-2024-20357 vulnerability.

Vendors	Products
Cisco	Ip Phone 6821 Ip Phone 6821 With Multiplatform Firmware Ip Phone 6841 Ip Phone 6841 With Multiplatform Firmware Ip Phone 6851 Ip Phone 6851 With Multiplatform Firmware Ip Phone 6861 Ip Phone 6861 With Multiplatform Firmware Ip Phone 6871 Ip Phone 6871 With Multiplatform Firmware Ip Phone 7811 Ip Phone 7811 With Multiplatform Firmware Ip Phone 7821 Ip Phone 7821 With Multiplatform Firmware Ip Phone 7832 Ip Phone 7832 With Multiplatform Firmware Ip Phone 7841 Ip Phone 7841 With Multiplatform Firmware Ip Phone 7861 Ip Phone 7861 With Multiplatform Firmware Ip Phone 8811 Ip Phone 8811 With Multiplatform Firmware Ip Phone 8832 Ip Phone 8832 With Multiplatform Firmware Ip Phone 8841 Ip Phone 8841 With Multiplatform Firmware Ip Phone 8845 Ip Phone 8845 With Multiplatform Firmware Ip Phone 8851 Ip Phone 8851 With Multiplatform Firmware Ip Phone 8861 Ip Phone 8861 With Multiplatform Firmware Ip Phone 8865 Ip Phone 8865 With Multiplatform Firmware Video Phone 8875 Video Phone 8875 Firmware

Vendors

Products

Cisco