Vulnerability Bulletins

Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability

System information
   
Affected software Cisco

Description
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an

More info:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-csrf-HOCmXW2c?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IP%20Phone%206800,%207800,%20and%208800%20Series%20with%20Multiplatform%20Firmware%20Cross-Site%20Request%20Forgery%20Vulnerability&vs_k=1

Standar resources
Property Value
CVE CVE-2023-20221.

Version history
Version Comments Date
1.0 Advisory issued 2023-08-17
Ministerio de Defensa
CNI
CCN
CCN-CERT