A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this vulnerability by tricking the user of a web application into executing an adverse action. Cisco Bug IDs: CSCuz88421, CSCuz91356, CSCve56308.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2017-10-19T08:00:00

Updated: 2024-08-05T18:36:54.419Z

Reserved: 2017-08-03T00:00:00

Link: CVE-2017-12271

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-10-19T08:29:00.343

Modified: 2024-11-21T03:09:12.393

Link: CVE-2017-12271

cve-icon Redhat

No data.