Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2014-3312
Deferred
More InfoOfficial Page
Source-psirt@cisco.com
View Known Exploited Vulnerability (KEV) details
Published At-09 Jul, 2014 | 11:07
Updated At-12 Apr, 2025 | 10:46

The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface, aka Bug ID CSCun77435.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.9MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Cisco Systems, Inc.
cisco
>>spa_301_1_line_ip_phone>>*
cpe:2.3:h:cisco:spa_301_1_line_ip_phone:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa_303_3_line_ip_phone>>*
cpe:2.3:h:cisco:spa_303_3_line_ip_phone:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa_501g_8-line_ip_phone>>*
cpe:2.3:h:cisco:spa_501g_8-line_ip_phone:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa_502g_1-line_ip_phone>>*
cpe:2.3:h:cisco:spa_502g_1-line_ip_phone:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa_504g_4-line_ip_phone>>*
cpe:2.3:h:cisco:spa_504g_4-line_ip_phone:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa_508g_8-line_ip_phone>>*
cpe:2.3:h:cisco:spa_508g_8-line_ip_phone:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa_509g_12-line_ip_phone>>*
cpe:2.3:h:cisco:spa_509g_12-line_ip_phone:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa_512g_1-line_ip_phone>>*
cpe:2.3:h:cisco:spa_512g_1-line_ip_phone:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa_514g_4-line_ip_phone>>*
cpe:2.3:h:cisco:spa_514g_4-line_ip_phone:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa_525g_5-line_ip_phone>>*
cpe:2.3:h:cisco:spa_525g_5-line_ip_phone:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa_525g2_5-line_ip_phone>>*
cpe:2.3:h:cisco:spa_525g2_5-line_ip_phone:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa901_1-line_ip_phone>>*
cpe:2.3:h:cisco:spa901_1-line_ip_phone:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa922_1-line_ip_phone_with_1-port_ethernet>>*
cpe:2.3:h:cisco:spa922_1-line_ip_phone_with_1-port_ethernet:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa941_4-line_ip_phone_with_1-port_ethernet>>*
cpe:2.3:h:cisco:spa941_4-line_ip_phone_with_1-port_ethernet:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa942_4-line_ip_phone_with_2-port_switch>>*
cpe:2.3:h:cisco:spa942_4-line_ip_phone_with_2-port_switch:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>spa962_6-line_ip_phone_with_2-port_switch>>*
cpe:2.3:h:cisco:spa962_6-line_ip_phone_with_2-port_switch:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3312psirt@cisco.com
Vendor Advisory
http://www.securityfocus.com/bid/68465psirt@cisco.com
N/A
http://www.securitytracker.com/id/1030552psirt@cisco.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/94421psirt@cisco.com
N/A
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3312af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/68465af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1030552af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/94421af854a3a-2127-422b-91ae-364da2661108
N/A
Change History
0Changes found
Details not found