6.5
CVE-2021-1379
- EPSS 0.09%
- Published 18.11.2024 16:15:09
- Last modified 06.01.2026 17:30:36
- Source psirt@cisco.com
Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone. These vulnerabilities are due to missing checks when the IP phone processes a Cisco Discovery Protocol or LLDP packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted IP phone. A successful exploit could allow the attacker to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Data provided by the National Vulnerability Database (NVD)
Cisco ≫ Ip Conference Phone 7832 Firmware Version < 12.8(1)
Cisco ≫ Ip Conference Phone 7832 Firmware Version 12.8(1) Update -
Cisco ≫ Ip Conference Phone 7832 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Conference Phone 8832 Firmware Version < 12.8(1)
Cisco ≫ Ip Conference Phone 8832 Firmware Version 12.8(1) Update -
Cisco ≫ Ip Conference Phone 8832 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 6821 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 6841 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 6851 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 6861 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 6871 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 7811 Firmware Version < 12.8(1)
Cisco ≫ Ip Phone 7811 Firmware Version 12.8(1) Update -
Cisco ≫ Ip Phone 7811 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 7821 Firmware Version < 12.8(1)
Cisco ≫ Ip Phone 7821 Firmware Version 12.8(1) Update -
Cisco ≫ Ip Phone 7821 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 7841 Firmware Version < 12.8(1)
Cisco ≫ Ip Phone 7841 Firmware Version 12.8(1) Update -
Cisco ≫ Ip Phone 7841 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 7861 Firmware Version < 12.8(1)
Cisco ≫ Ip Phone 7861 Firmware Version 12.8(1) Update -
Cisco ≫ Ip Phone 7861 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 8811 Firmware Version < 12.8(1)
Cisco ≫ Ip Phone 8811 Firmware Version 12.8(1) Update -
Cisco ≫ Ip Phone 8811 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 8841 Firmware Version < 12.8(1)
Cisco ≫ Ip Phone 8841 Firmware Version 12.8(1) Update -
Cisco ≫ Ip Phone 8841 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 8851 Firmware Version < 12.8(1)
Cisco ≫ Ip Phone 8851 Firmware Version 12.8(1) Update -
Cisco ≫ Ip Phone 8851 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 8861 Firmware Version < 12.8(1)
Cisco ≫ Ip Phone 8861 Firmware Version 12.8(1) Update -
Cisco ≫ Ip Phone 8861 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 8845 Firmware Version < 12.8(1)
Cisco ≫ Ip Phone 8845 Firmware Version 12.8(1) Update -
Cisco ≫ Ip Phone 8845 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Ip Phone 8865 Firmware Version < 12.8(1)
Cisco ≫ Ip Phone 8865 Firmware Version 12.8(1) Update -
Cisco ≫ Ip Phone 8865 With Multiplatform Firmware Version < 11.3(2)
Cisco ≫ Unified Ip Conference Phone 8831 Firmware Version < 10.3(1)
Cisco ≫ Unified Ip Conference Phone 8831 Firmware Version 10.3(1) Update -
Cisco ≫ Unified Ip Conference Phone 8831 Firmware Version 10.3(1) Update sr1
Cisco ≫ Unified Ip Conference Phone 8831 Firmware Version 10.3(1) Update sr2
Cisco ≫ Unified Ip Conference Phone 8831 Firmware Version 10.3(1) Update sr3
Cisco ≫ Unified Ip Conference Phone 8831 Firmware Version 10.3(1) Update sr4b
Cisco ≫ Unified Ip Conference Phone 8831 Firmware Version 10.3(1) Update sr6
Cisco ≫ Wireless Ip Phone 8821 Firmware Version < 11.0(6.6)
Cisco ≫ Wireless Ip Phone 8821-ex Firmware Version < 11.0(6.6)
Cisco ≫ Spa525g Firmware Version -
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.26 |
| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@cisco.com | 6.5 | 2.8 | 3.6 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.