Authentication Bypass Vulnerability in Cisco Small Business SPA300 and SPA500 Phones (Bug ID CSCun77435)

Authentication Bypass Vulnerability in Cisco Small Business SPA300 and SPA500 Phones (Bug ID CSCun77435)

CVE-2014-3312 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface, aka Bug ID CSCun77435.

Learn more about our Cis Benchmark Audit For Cisco.