Vulnerability Details CVE-2015-0603
Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified files, which allows local users to cause a denial of service (persistent hang or reboot) by writing to a phone's filesystem, aka Bug ID CSCup90474.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.2%
CVSS Severity
CVSS v2 Score 4.6
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0603
- http://tools.cisco.com/security/center/viewAlert.x?alertId=37345
- http://www.securityfocus.com/bid/72484
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100619
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0603
- http://tools.cisco.com/security/center/viewAlert.x?alertId=37345
- http://www.securityfocus.com/bid/72484
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100619
Products affected by CVE-2015-0603
-
cpe:2.3:h:cisco:unified_ip_phone_9951:-
-
cpe:2.3:h:cisco:unified_ip_phone_9971:-
-
cpe:2.3:o:cisco:unified_ip_phones_9900_series_firmware:-
-
cpe:2.3:o:cisco:unified_ip_phones_9900_series_firmware:9.3(2)