Unified ip phones 9900 series firmware
This hub aggregates every CVE we track for Unified ip phones 9900 series firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM7HIGH1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 8 most recently published vulnerabilities affecting Unified ip phones 9900 series firmware.
- CVE-2015-4226The packet-storing feature on Cisco 9900 phones with firmware 9.3(2) does not properly support the RTP protocol, which allows remote attackers to cause a denial of service (device hang) by sending ...7.1
- CVE-2015-0600The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to cause a denial of service (logoff) via crafted packets, aka Bug ID CSCuq12139.5.0
- CVE-2015-0602The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to obtain sensitive information by sniffing the network, aka Bug ID CSCuq12117.5.0
- CVE-2015-0603Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified files, which allows local users to cause a denial of service (persistent hang or reboot) by writi...4.6
- CVE-2014-0658Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID CSCul24898.5.4
- CVE-2013-5533The image-upgrade functionality on Cisco 9900 Unified IP phones allows local users to gain privileges by placing shell commands in an unspecified parameter, aka Bug ID CSCuh10334.6.0
- CVE-2013-5532Buffer overflow in the web-application interface on Cisco 9900 IP phones allows remote attackers to cause a denial of service (webapp interface outage) via long values in unspecified fields, aka Bu...5.0
- CVE-2013-3426The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID CSC...5.0
Product normalization is registry-driven with AI assist and human review. How it works