Detections
Analytics

Cisco IP Phones 7910, 7940, and 7960 Denial of Service (CVE-2002-0882)

medium Tenable OT Security Plugin ID 502776

Synopsis

The remote OT asset is affected by a vulnerability.

Description

The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

http://online.securityfocus.com/archive/1/273673

http://www.nessus.org/u?b1d74bb7

http://www.iss.net/security_center/static/9142.php

http://www.iss.net/security_center/static/9143.php

http://www.securityfocus.com/bid/4794

http://www.securityfocus.com/bid/4798

Plugin Details

Severity: Medium

ID: 502776

Version: 1.2

Type: remote

Family: Tenable.ot

Published: 12/4/2024

Updated: 12/5/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P

CVSS Score Source: CVE-2002-0882

Vulnerability Information

CPE: cpe:/h:cisco:voip_phone_cp-7940:3.0, cpe:/h:cisco:voip_phone_cp-7940:3.1, cpe:/h:cisco:voip_phone_cp-7940:3.2

Required KB Items: Tenable.ot/Cisco

Exploit Ease: No known exploits are available

Patch Publication Date: 10/4/2002

Vulnerability Publication Date: 10/4/2002

Reference Information

CVE: CVE-2002-0882