// For flags

CVE-2020-3360

Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability

Severity Score

5.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.

Una vulnerabilidad en la funcionalidad Web Access de Cisco IP Phones Series 7800 y Series 8800, podría permitir a un atacante remoto no autenticado visualizar información confidencial sobre un dispositivo afectado. La vulnerabilidad es debido a controles de acceso inapropiados en la interfaz de administración basada en web de un dispositivo afectado. Un atacante podría explotar esta vulnerabilidad mediante el envío de solicitudes maliciosas al dispositivo, lo que podría permitirle omitir las restricciones de acceso. Un ataque con éxito podría permitir al atacante visualizar información confidencial, incluyendo los registros de llamadas del dispositivo que contienen nombres, nombres de usuario y números de teléfono de los usuarios del dispositivo

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
None
Automatable
Yes
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2019-12-12 CVE Reserved
  • 2020-06-18 CVE Published
  • 2023-06-21 EPSS Updated
  • 2024-11-15 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
  • CWE-863: Incorrect Authorization
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Unified Ip Phone 6901 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 6901 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 6901 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 6901
Search vendor "Cisco" for product "Unified Ip Phone 6901"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 6961 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 6961 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 6961 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 6961
Search vendor "Cisco" for product "Unified Ip Phone 6961"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 6945 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 6945 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 6945 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 6945
Search vendor "Cisco" for product "Unified Ip Phone 6945"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 6941 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 6941 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 6941 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 6941
Search vendor "Cisco" for product "Unified Ip Phone 6941"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 6921 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 6921 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 6921 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 6921
Search vendor "Cisco" for product "Unified Ip Phone 6921"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 6911 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 6911 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 6911 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 6911
Search vendor "Cisco" for product "Unified Ip Phone 6911"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7832 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7832 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7832 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7832
Search vendor "Cisco" for product "Unified Ip Phone 7832"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7861 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7861 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7861 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7861
Search vendor "Cisco" for product "Unified Ip Phone 7861"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7841 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7841 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7841 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7841
Search vendor "Cisco" for product "Unified Ip Phone 7841"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7821 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7821 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7821 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7821
Search vendor "Cisco" for product "Unified Ip Phone 7821"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7811 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7811 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7811 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7811
Search vendor "Cisco" for product "Unified Ip Phone 7811"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7937g Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7937g Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7937g Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7937g
Search vendor "Cisco" for product "Unified Ip Phone 7937g"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7975g Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7975g Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7975g Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7975g
Search vendor "Cisco" for product "Unified Ip Phone 7975g"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7965g Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7965g Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7965g Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7965g
Search vendor "Cisco" for product "Unified Ip Phone 7965g"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7962g Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7962g Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7962g Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7962g
Search vendor "Cisco" for product "Unified Ip Phone 7962g"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7961g Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7961g Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7961g Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7961g
Search vendor "Cisco" for product "Unified Ip Phone 7961g"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7960g Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7960g Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7960g Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7960g
Search vendor "Cisco" for product "Unified Ip Phone 7960g"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7945g Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7945g Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7945g Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7945g
Search vendor "Cisco" for product "Unified Ip Phone 7945g"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7942g Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7942g Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7942g Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7942g
Search vendor "Cisco" for product "Unified Ip Phone 7942g"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7941g Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7941g Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7941g Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7941g
Search vendor "Cisco" for product "Unified Ip Phone 7941g"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7940g Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7940g Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7940g Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7940g
Search vendor "Cisco" for product "Unified Ip Phone 7940g"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7931g Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7931g Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7931g Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7931g
Search vendor "Cisco" for product "Unified Ip Phone 7931g"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7911g Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7911g Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7911g Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7911g
Search vendor "Cisco" for product "Unified Ip Phone 7911g"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 7906g Firmware
Search vendor "Cisco" for product "Unified Ip Phone 7906g Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 7906g Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 7906g
Search vendor "Cisco" for product "Unified Ip Phone 7906g"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 8811 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 8811 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 8811 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 8811
Search vendor "Cisco" for product "Unified Ip Phone 8811"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 8841 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 8841 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 8841 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 8841
Search vendor "Cisco" for product "Unified Ip Phone 8841"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 8845 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 8845 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 8845 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 8845
Search vendor "Cisco" for product "Unified Ip Phone 8845"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 8851 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 8851 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 8851 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 8851
Search vendor "Cisco" for product "Unified Ip Phone 8851"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 8851nr Firmware
Search vendor "Cisco" for product "Unified Ip Phone 8851nr Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 8851nr Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 8851nr
Search vendor "Cisco" for product "Unified Ip Phone 8851nr"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 8861 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 8861 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 8861 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 8861
Search vendor "Cisco" for product "Unified Ip Phone 8861"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 8865 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 8865 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 8865 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 8865
Search vendor "Cisco" for product "Unified Ip Phone 8865"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 8865nr Firmware
Search vendor "Cisco" for product "Unified Ip Phone 8865nr Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 8865nr Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 8865nr
Search vendor "Cisco" for product "Unified Ip Phone 8865nr"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 8961 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 8961 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 8961 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 8961
Search vendor "Cisco" for product "Unified Ip Phone 8961"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 8945 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 8945 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 8945 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 8945
Search vendor "Cisco" for product "Unified Ip Phone 8945"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 8941 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 8941 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 8941 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 8941
Search vendor "Cisco" for product "Unified Ip Phone 8941"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 9971 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 9971 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 9971 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 9971
Search vendor "Cisco" for product "Unified Ip Phone 9971"
--
Safe
Cisco
Search vendor "Cisco"
Unified Ip Phone 9951 Firmware
Search vendor "Cisco" for product "Unified Ip Phone 9951 Firmware"
<= 12.8\(1\)
Search vendor "Cisco" for product "Unified Ip Phone 9951 Firmware" and version " <= 12.8\(1\)"
-
Affected
in Cisco
Search vendor "Cisco"
Unified Ip Phone 9951
Search vendor "Cisco" for product "Unified Ip Phone 9951"
--
Safe