CVE-2012-1328
Summary
| CVE | CVE-2012-1328 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2012-05-03 23:55:00 UTC |
| Updated | 2017-12-07 02:29:00 UTC |
| Description | Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via unspecified injected data, aka Bug ID CSCts32237. |
Risk And Classification
Problem Types: CWE-94
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | Unified Ip Phone | 9900 | All | All | All |
| Hardware | Cisco | Unified Ip Phone | 9900 | All | All | All |
| Hardware | Cisco | Unified Ip Phone Firmware | 9.1 | All | All | All |
| Hardware | Cisco | Unified Ip Phone Firmware | 9.2 | All | All | All |
| Hardware | Cisco | Unified Ip Phone Firmware | 9.1 | All | All | All |
| Hardware | Cisco | Unified Ip Phone Firmware | 9.2 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Cisco Unified IP Phones 8961, 9951, and 9971(SIP) Release Notes for Firmware Release 9.2(3) - Cisco Systems | CONFIRM | www.cisco.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.