Insecure Default Configuration of Cisco Small Business IP Phones SPA 300 and SPA 500 (Bug ID CSCuo52482)
CVE-2015-0670 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:P/A:N
The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls via a crafted XML request, aka Bug ID CSCuo52482.
Learn more about our Cis Benchmark Audit For Cisco.