A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this vulnerability by tricking the user of a web application into executing an adverse action. Cisco Bug IDs: CSCuz88421, CSCuz91356, CSCve56308.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2017-10-19T08:00:00
Updated: 2024-08-05T18:36:54.419Z
Reserved: 2017-08-03T00:00:00
Link: CVE-2017-12271
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-10-19T08:29:00.343
Modified: 2024-11-21T03:09:12.393
Link: CVE-2017-12271
Redhat
No data.