Detections
Analytics

Cisco IP Phones 7910, 7940, and 7960 Incorrect Default Permissions (CVE-2002-0881)

low Tenable OT Security Plugin ID 502774

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

http://online.securityfocus.com/archive/1/273673

http://www.nessus.org/u?b1d74bb7

http://www.iss.net/security_center/static/9144.php

http://www.securityfocus.com/bid/4799

Plugin Details

Severity: Low

ID: 502774

Version: 1.2

Type: remote

Family: Tenable.ot

Published: 12/4/2024

Updated: 12/5/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.7

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2002-0881

Vulnerability Information

CPE: cpe:/h:cisco:voip_phone_cp-7940:3.0, cpe:/h:cisco:voip_phone_cp-7940:3.1, cpe:/h:cisco:voip_phone_cp-7940:3.2

Required KB Items: Tenable.ot/Cisco

Exploit Ease: No known exploits are available

Patch Publication Date: 10/4/2002

Vulnerability Publication Date: 10/4/2002

Reference Information

CVE: CVE-2002-0881