Lucene search
PRIOn knowledge basePRION:CVE-2021-34705HistorySep 23, 2021 - 3:15 a.m.
Input validation
2021-09-2303:15:00
PRIOn knowledge base
www.prio-n.com
7
A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. This vulnerability is due to insufficient validation of dial strings at Foreign Exchange Office (FXO) interfaces. An attacker could exploit this vulnerability by sending a malformed dial string to an affected device via either the ISDN protocol or SIP. A successful exploit could allow the attacker to conduct toll fraud, resulting in unexpected financial impact to affected customers.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ios | eq | 12.411.0-xw6 | |
| ios | eq | 12.42.0-t2 | |
| ios | eq | 15.42.0-s2 | |
| ios | eq | 15.33.0-jnb3 | |
| ios | eq | 12.314.0-ym4 | |
| ios | eq | 12.38.0-jea1 | |
| ios | eq | 12.416.0-mr1 | |
| ios | eq | 12.310.0 | |
| ios | eq | 12.423.0-cjy | |
| ios | eq | 12.47.99 |
Related
nvd
nvd
CVE-2021-34705
2021-09-23 03:15:17
cnvd
cnvd
Cisco IOS and Cisco IOS XE Software Input Validation Error Vulnerability
2021-09-24 00:00:00
cisco
cisco
cve
cve
CVE-2021-34705
2021-09-23 03:15:17
nessus
nessus
cvelist
cvelist