1. Home
  2. CVE Database
  3. CVE-2008-0527
HIGH · 7.8

CVE-2008-0527

The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a crafted HTTP request.

Vulnerability Description

The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a crafted HTTP request.

CVSS Score

7.8

HIGH

AV:N/AC:L/Au:N/C:N/I:N/A:C
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE

Affected Products

VendorProductVersions
CiscoUnified Ip Phone7906g
CiscoSkinny Client Control Protocol \(Sccp\) FirmwareAll versions
CiscoSession Initiation Protocol \(Sip\) FirmwareAll versions

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2008-0527?

CVE-2008-0527 is a vulnerability with a CVSS score of 7.8 (HIGH). The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a crafted HTTP request.

How severe is CVE-2008-0527?

CVE-2008-0527 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-0527?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Ip Phone, Cisco Skinny Client Control Protocol \(Sccp\) Firmware, Cisco Session Initiation Protocol \(Sip\) Firmware.