Lucene search
CiscoCVE-2015-4226HistoryJun 30, 2015 - 3:59 p.m.
CVE-2015-4226
2015-06-3015:59:17
CWE-399
cisco
web.nvd.nist.gov
29
cisco
9900 phones
firmware
rtp protocol
denial of service
vulnerability
nvd
cve-2015-4226
CVSS2
7.1
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
AI Score
6.9
Confidence
High
EPSS
0.003
Percentile
65.8%
The packet-storing feature on Cisco 9900 phones with firmware 9.3(2) does not properly support the RTP protocol, which allows remote attackers to cause a denial of service (device hang) by sending malformed RTP packets after a call is answered, aka Bug ID CSCur39976.
Affected configurations
Node
ciscounified_ip_phones_9900_series_firmwareMatch9.3\(2\)
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_ip_phones_9900_series_firmware | 9.3(2) | cpe:2.3:o:cisco:unified_ip_phones_9900_series_firmware:9.3\(2\):*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2015-06-30 15:59:00
cisco
cisco
Cisco Unified IP Phones 9900 Series Denial of Service Vulnerability
2015-06-29 18:05:35
nvd
nvd
CVE-2015-4226
2015-06-30 15:59:17
nessus
nessus
Cisco Unified IP Phones 9900 Series Denial of Service (CVE-2015-4226)
2024-03-18 00:00:00
cvelist
cvelist
CVE-2015-4226
2015-06-30 15:00:00
CVSS2
7.1
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
AI Score
6.9
Confidence
High
EPSS
0.003
Percentile
65.8%
Related for CVE-2015-4226