Default Administrative Password Vulnerability in Cisco IP Phones
CVE-2002-0881

Currently unrated

Key Information:

Vendor: Cisco
Status: Skinny Client Control Protocol Software; Voip Phone Cp-7940
Vendor: CVE Published:; 4 October 2002

Summary

Cisco IP Phones, specifically models 7910, 7940, and 7960, are vulnerable due to the use of a default administrative password. This security flaw permits attackers with physical access to these devices to alter configuration settings, potentially compromising the integrity and security of the VoIP infrastructure. Organizations using these models should take immediate steps to change default passwords and enhance physical security to mitigate this risk.

References

http://online.securityfocus.com/archive/1/273673

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/9144.php

vdb-entryx_refsource_XF

http://www.cisco.com/warp/public/707/multiple-ip-phone-vu...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Aug 16, 2002