Denial of Service Vulnerability in Cisco Small Business IP Phones
CVE-2017-12219
7.5HIGH
Key Information:
- Vendor
Cisco
- Vendor
- CVE Published:
- 21 September 2017
What is CVE-2017-12219?
A flaw exists in the IP fragment handling mechanism of Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones. This vulnerability allows an unauthenticated attacker to exploit the device by sending specially crafted IP fragments, causing it to reload unexpectedly. Such unexpected reloads can lead to a Denial of Service (DoS) condition, disrupting normal device operations and affecting network communication.
Affected Version(s)
Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones