Vulnerability Details CVE-2016-1469
The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 80.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-spa
- http://www.securityfocus.com/bid/92706
- http://www.securitytracker.com/id/1036717
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-spa
- http://www.securityfocus.com/bid/92706
- http://www.securitytracker.com/id/1036717
Products affected by CVE-2016-1469
-
cpe:2.3:h:cisco:spa300_series_ip_phone:-
-
cpe:2.3:h:cisco:spa500_series_ip_phone:-
-
cpe:2.3:o:cisco:spa300_firmware:7.5.5
-
cpe:2.3:o:cisco:spa300_firmware:7.5.7
-
cpe:2.3:o:cisco:spa500_firmware:1.4.2
-
cpe:2.3:o:cisco:spa500_firmware:7.5.5
-
cpe:2.3:o:cisco:spa500_firmware:7.5.7