CVE-2020-3111HIGH
Description
A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html
Details
Source: MITRE
Published: 2020-02-05
Updated: 2020-02-07
Type: CWE-20
Risk Information
CVSS v2.0
Base Score: 8.3
Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 6.5
Severity: HIGH
CVSS v3.0
Base Score: 8.8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 2.8
Severity: HIGH
Vulnerable Software
Configuration 1
AND
OR
cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ip_conference_phone_7832_with_multiplatform_firmware:*:*:*:*:*:*:*:*
OR
Configuration 2
AND
OR
cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ip_conference_phone_8832_with_multiplatform_firmware:*:*:*:*:*:*:*:*
OR
Configuration 3
AND
OR
OR
Configuration 4
AND
OR
OR
Configuration 5
AND
OR
OR
Configuration 6
AND
OR
OR
Configuration 7
AND
OR
OR
Configuration 8
AND
OR
cpe:2.3:o:cisco:ip_phone_7811_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ip_phone_7811_with_multiplatform_firmware:*:*:*:*:*:*:*:*
OR
Configuration 9
AND
OR
cpe:2.3:o:cisco:ip_phone_7821_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ip_phone_7821_with_multiplatform_firmware:*:*:*:*:*:*:*:*
OR
Configuration 10
AND
OR
cpe:2.3:o:cisco:ip_phone_7841_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ip_phone_7841_with_multiplatform_firmware:*:*:*:*:*:*:*:*
OR
Configuration 11
AND
OR
cpe:2.3:o:cisco:ip_phone_7861_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ip_phone_7861_with_multiplatform_firmware:*:*:*:*:*:*:*:*
OR
Configuration 12
AND
OR
cpe:2.3:o:cisco:ip_phone_8811_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ip_phone_8811_with_multiplatform_firmware:*:*:*:*:*:*:*:*
OR
Configuration 13
AND
OR
cpe:2.3:o:cisco:ip_phone_8841_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ip_phone_8841_with_multiplatform_firmware:*:*:*:*:*:*:*:*
OR
Configuration 14
AND
OR
cpe:2.3:o:cisco:ip_phone_8851_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ip_phone_8851_with_multiplatform_firmware:*:*:*:*:*:*:*:*
OR
Configuration 15
AND
OR
cpe:2.3:o:cisco:ip_phone_8861_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ip_phone_8861_with_multiplatform_firmware:*:*:*:*:*:*:*:*
OR
Configuration 16
AND
OR
cpe:2.3:o:cisco:ip_phone_8845_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ip_phone_8845_with_multiplatform_firmware:*:*:*:*:*:*:*:*
OR
Configuration 17
AND
OR
cpe:2.3:o:cisco:ip_phone_8865_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ip_phone_8865_with_multiplatform_firmware:*:*:*:*:*:*:*:*
OR
Configuration 18
AND
OR
cpe:2.3:o:cisco:unified_ip_conference_phone_8831_firmware:*:*:*:*:*:*:*:*
OR
cpe:2.3:h:cisco:unified_ip_conference_phone_8831:-:*:*:*:*:*:*:*
Configuration 19
AND
OR
OR
cpe:2.3:h:cisco:unified_ip_conference_phone_8831_for_third-party_call_control:-:*:*:*:*:*:*:*
Configuration 20
AND
OR
cpe:2.3:o:cisco:wireless_ip_phone_8821_firmware:*:*:*:*:*:*:*:*
OR
Configuration 21
AND
OR
cpe:2.3:o:cisco:wireless_ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*
OR