CVE-2023-20018

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication.

Una vulnerabilidad en la interfaz de administración basada en web de los teléfonos Cisco IP Phone de las series 7800 y 8800 podría permitir que un atacante remoto no autenticado omita la autenticación en un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de la entrada proporcionada por el usuario. Un atacante podría aprovechar esta vulnerabilidad enviando una solicitud manipulada a la interfaz de administración basada en web. Un exploit exitoso podría permitir al atacante acceder a ciertas partes de la interfaz web que normalmente requerirían autenticación.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-10-27 CVE Reserved
2023-01-19 CVE Published
2024-08-02 CVE Updated
2024-08-11 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-288: Authentication Bypass Using an Alternate Path or Channel
CWE-863: Incorrect Authorization

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR	2024-01-25

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Ip Phone 7800 Firmware Search vendor "Cisco" for product "Ip Phone 7800 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 7800 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 7800 Search vendor "Cisco" for product "Ip Phone 7800"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 7811 Firmware Search vendor "Cisco" for product "Ip Phone 7811 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 7811 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 7811 Search vendor "Cisco" for product "Ip Phone 7811"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 7821 Firmware Search vendor "Cisco" for product "Ip Phone 7821 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 7821 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 7821 Search vendor "Cisco" for product "Ip Phone 7821"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 7832 Firmware Search vendor "Cisco" for product "Ip Phone 7832 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 7832 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 7832 Search vendor "Cisco" for product "Ip Phone 7832"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 7841 Firmware Search vendor "Cisco" for product "Ip Phone 7841 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 7841 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 7841 Search vendor "Cisco" for product "Ip Phone 7841"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 7861 Firmware Search vendor "Cisco" for product "Ip Phone 7861 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 7861 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 7861 Search vendor "Cisco" for product "Ip Phone 7861"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8800 Firmware Search vendor "Cisco" for product "Ip Phone 8800 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 8800 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8800 Search vendor "Cisco" for product "Ip Phone 8800"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8811 Firmware Search vendor "Cisco" for product "Ip Phone 8811 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 8811 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8811 Search vendor "Cisco" for product "Ip Phone 8811"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8821 Firmware Search vendor "Cisco" for product "Ip Phone 8821 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 8821 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8821 Search vendor "Cisco" for product "Ip Phone 8821"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8821-ex Firmware Search vendor "Cisco" for product "Ip Phone 8821-ex Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 8821-ex Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8821-ex Search vendor "Cisco" for product "Ip Phone 8821-ex"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8831 Firmware Search vendor "Cisco" for product "Ip Phone 8831 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 8831 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8831 Search vendor "Cisco" for product "Ip Phone 8831"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8832 Firmware Search vendor "Cisco" for product "Ip Phone 8832 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 8832 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8832 Search vendor "Cisco" for product "Ip Phone 8832"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8841 Firmware Search vendor "Cisco" for product "Ip Phone 8841 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 8841 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8841 Search vendor "Cisco" for product "Ip Phone 8841"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8845 Firmware Search vendor "Cisco" for product "Ip Phone 8845 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 8845 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8845 Search vendor "Cisco" for product "Ip Phone 8845"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8851 Firmware Search vendor "Cisco" for product "Ip Phone 8851 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 8851 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8851 Search vendor "Cisco" for product "Ip Phone 8851"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8861 Firmware Search vendor "Cisco" for product "Ip Phone 8861 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 8861 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8861 Search vendor "Cisco" for product "Ip Phone 8861"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phone 8865 Firmware Search vendor "Cisco" for product "Ip Phone 8865 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phone 8865 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phone 8865 Search vendor "Cisco" for product "Ip Phone 8865"	-	-	Safe
Cisco Search vendor "Cisco"	Ip Phones 8832 Firmware Search vendor "Cisco" for product "Ip Phones 8832 Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Ip Phones 8832 Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Ip Phones 8832 Search vendor "Cisco" for product "Ip Phones 8832"	-	-	Safe
Cisco Search vendor "Cisco"	Unified Ip Phone 8851nr Firmware Search vendor "Cisco" for product "Unified Ip Phone 8851nr Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Unified Ip Phone 8851nr Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Unified Ip Phone 8851nr Search vendor "Cisco" for product "Unified Ip Phone 8851nr"	-	-	Safe
Cisco Search vendor "Cisco"	Unified Ip Phone 8865nr Firmware Search vendor "Cisco" for product "Unified Ip Phone 8865nr Firmware"	< 14.1\(1\)sr2 Search vendor "Cisco" for product "Unified Ip Phone 8865nr Firmware" and version " < 14.1\(1\)sr2"	-	Affected	in	Cisco Search vendor "Cisco"	Unified Ip Phone 8865nr Search vendor "Cisco" for product "Unified Ip Phone 8865nr"	-	-	Safe
Cisco Search vendor "Cisco"	Wireless Ip Phone 8821 Firmware Search vendor "Cisco" for product "Wireless Ip Phone 8821 Firmware"	< 11.0\(6\)sr4 Search vendor "Cisco" for product "Wireless Ip Phone 8821 Firmware" and version " < 11.0\(6\)sr4"	-	Affected	in	Cisco Search vendor "Cisco"	Wireless Ip Phone 8821 Search vendor "Cisco" for product "Wireless Ip Phone 8821"	-	-	Safe
Cisco Search vendor "Cisco"	Wireless Ip Phone 8821-ex Firmware Search vendor "Cisco" for product "Wireless Ip Phone 8821-ex Firmware"	< 11.0\(6\)sr4 Search vendor "Cisco" for product "Wireless Ip Phone 8821-ex Firmware" and version " < 11.0\(6\)sr4"	-	Affected	in	Cisco Search vendor "Cisco"	Wireless Ip Phone 8821-ex Search vendor "Cisco" for product "Wireless Ip Phone 8821-ex"	-	-	Safe