CVE-2018-0316
Summary
| CVE | CVE-2018-0316 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-06-07 12:29:00 UTC |
| Updated | 2019-10-09 23:31:00 UTC |
| Description | A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability exists because the firmware of an affected phone incorrectly handles errors that could occur when an incoming phone call is not answered. An attacker could exploit this vulnerability by sending a set of maliciously crafted SIP packets to an affected phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. This vulnerability affects Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware if they are running a Multiplatform Firmware release prior to Release 11.1(2). Cisco Bug IDs: CSCvi24718. |
Risk And Classification
Problem Types: CWE-755
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | Ip Phone 6841 | - | All | All | All |
| Hardware | Cisco | Ip Phone 6841 | - | All | All | All |
| Hardware | Cisco | Ip Phone 6851 | - | All | All | All |
| Hardware | Cisco | Ip Phone 6851 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7811 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7811 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7821 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7821 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7841 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7841 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7861 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7861 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8811 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8811 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8841 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8841 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8845 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8845 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8851 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8851 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8861 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8861 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8865 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8865 | - | All | All | All |
| Operating System | Cisco | Ip Phone Firmware | 11.1(2) | All | All | All |
| Operating System | Cisco | Ip Phone Firmware | 11.1\(2\) | All | All | All |
| Operating System | Cisco | Ip Phone Firmware | 11.1\(2\) | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco 6800/7800/8800 Series IP Phones SIP Processing Flaw Lets Remote Users Cause the Target System to Reload - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service Vulnerability | CONFIRM | tools.cisco.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.