Cisco IP 8800 device Web application Denial of Service Vulnerability (CVE-2016-1421)
Cisco IP 8800 device Web application Denial of Service Vulnerability (CVE-2016-1421)
Release date:
Updated on:
Affected Systems:
Cisco IP Phones 8800
Description:
CVE (CAN) ID: CVE-2016-1421
Cisco IP 8800 Series Phones is a digital telephone system product.
In Cisco IP 8800 Series Phones 11.0.1 and earlier versions, the Web application does not correctly check the size of the input data. unauthenticated remote attackers can exploit this vulnerability to cause the Web server process to stop responding, this causes a denial of service.
<* Source: Cisco
Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp
*>
Suggestion:
Vendor patch:
Cisco
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://tools.cisco.com/security/center/publicationListing.x #~ CiscoSecurityResponse
This article permanently updates the link address: