Information Disclosure Vulnerability in Cisco Unified IP 9900 Phones
CVE-2015-0602

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Ip Phones 9900 Series Firmware
Vendor: CVE Published:; 7 February 2015

Summary

The Cisco Unified IP 9900 series phones with firmware version 9.4(.1) and earlier have a security vulnerability in their mobility extension that allows remote attackers to obtain sensitive information through network sniffing. This flaw can potentially expose critical data to unauthorized entities, compromising the confidentiality of communications made through these devices. Users are advised to upgrade their firmware to mitigate the risks associated with this vulnerability.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/100615

vdb-entryx_refsource_XF

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/72482

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Feb 7, 2015
Vulnerability Reserved
Jan 7, 2015