CVE-2019-15258
Cisco SPA100 Series Analog Telephone Adapters Web Management Interface Denial of Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper validation of user-supplied requests to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to cause the device to stop responding, requiring manual intervention for recovery.
Una vulnerabilidad en la interfaz de administración basada en web de los dispositivos Cisco SPA100 Series Analog Telephone Adapters (ATAs), podría permitir a un atacante remoto autenticado causar una condición de denegación de servicio en un dispositivo afectado. La vulnerabilidad es debido a una comprobación inapropiada de las peticiones suministradas por el usuario en la interfaz de administración basada en web. Un atacante podría explotar esta vulnerabilidad mediante el envío de una petición diseñada hacia la interfaz de administración basada en web de un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar que el dispositivo deje de responder, requiriendo intervención manual para la recuperación.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2019-08-20 CVE Reserved
- 2019-10-16 CVE Published
- 2023-03-07 EPSS Updated
- 2024-11-21 CVE Updated
- 2024-11-21 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-399: Resource Management Errors
- CWE-476: NULL Pointer Dereference
CAPEC
References (2)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://www.tenable.com/security/research/tra-2019-44 | 2024-11-21 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Spa112 Firmware Search vendor "Cisco" for product "Spa112 Firmware" | < 1.4.1 Search vendor "Cisco" for product "Spa112 Firmware" and version " < 1.4.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Spa112 Search vendor "Cisco" for product "Spa112" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Spa112 Firmware Search vendor "Cisco" for product "Spa112 Firmware" | 1.4.1 Search vendor "Cisco" for product "Spa112 Firmware" and version "1.4.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Spa112 Search vendor "Cisco" for product "Spa112" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Spa112 Firmware Search vendor "Cisco" for product "Spa112 Firmware" | 1.4.1 Search vendor "Cisco" for product "Spa112 Firmware" and version "1.4.1" | sr1 |
Affected
| in | Cisco Search vendor "Cisco" | Spa112 Search vendor "Cisco" for product "Spa112" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Spa112 Firmware Search vendor "Cisco" for product "Spa112 Firmware" | 1.4.1 Search vendor "Cisco" for product "Spa112 Firmware" and version "1.4.1" | sr2 |
Affected
| in | Cisco Search vendor "Cisco" | Spa112 Search vendor "Cisco" for product "Spa112" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Spa112 Firmware Search vendor "Cisco" for product "Spa112 Firmware" | 1.4.1 Search vendor "Cisco" for product "Spa112 Firmware" and version "1.4.1" | sr3 |
Affected
| in | Cisco Search vendor "Cisco" | Spa112 Search vendor "Cisco" for product "Spa112" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Spa122 Firmware Search vendor "Cisco" for product "Spa122 Firmware" | < 1.4.1 Search vendor "Cisco" for product "Spa122 Firmware" and version " < 1.4.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Spa122 Search vendor "Cisco" for product "Spa122" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Spa122 Firmware Search vendor "Cisco" for product "Spa122 Firmware" | 1.4.1 Search vendor "Cisco" for product "Spa122 Firmware" and version "1.4.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Spa122 Search vendor "Cisco" for product "Spa122" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Spa122 Firmware Search vendor "Cisco" for product "Spa122 Firmware" | 1.4.1 Search vendor "Cisco" for product "Spa122 Firmware" and version "1.4.1" | sr1 |
Affected
| in | Cisco Search vendor "Cisco" | Spa122 Search vendor "Cisco" for product "Spa122" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Spa122 Firmware Search vendor "Cisco" for product "Spa122 Firmware" | 1.4.1 Search vendor "Cisco" for product "Spa122 Firmware" and version "1.4.1" | sr2 |
Affected
| in | Cisco Search vendor "Cisco" | Spa122 Search vendor "Cisco" for product "Spa122" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Spa122 Firmware Search vendor "Cisco" for product "Spa122 Firmware" | 1.4.1 Search vendor "Cisco" for product "Spa122 Firmware" and version "1.4.1" | sr3 |
Affected
| in | Cisco Search vendor "Cisco" | Spa122 Search vendor "Cisco" for product "Spa122" | - | - |
Safe
|