How to Buy
This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
The remote IP telephony device is missing a vendor-supplied patch.
According to its self-reported version, the version of the Cisco
Unified IP Phone software running on the remote device has the following
- Cisco Unified IP Phones 7900 series are prone to
privilege escalation vulnerabilities. An authenticated
attacker could exploit this issue to perform
unauthorized phone configuration changes or to gain
access to sensitive information. (CVE-2011-1602,
- Cisco Unified IP Phones 7900 series are prone to a
security bypass vulnerability. An attacker can exploit
this issue to bypass the signature-verification
mechanism. Successful exploits could allow an
authenticated attacker to load a crafted software image
with no signature verification. (CVE-2011-1637)
See also :
Apply the relevant update referenced in Cisco Security Advisory
Risk factor :
Medium / CVSS Base Score : 6.6
CVSS Temporal Score : 5.7
Public Exploit Available : true
Nessus Plugin ID: 70095 ()
Bugtraq ID: 480744807548079
CVE ID: CVE-2011-1602CVE-2011-1603CVE-2011-1637
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.