CVE-2015-0602 — MEDIUM (5.0)

Q: What is CVE-2015-0602?

CVE-2015-0602 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to obtain sensitive information by sniffing the network, aka Bug ID CSCuq12117.

Q: How severe is CVE-2015-0602?

CVE-2015-0602 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-0602?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Ip Phones 9900 Series Firmware, Cisco Unified Ip Phone 9951, Cisco Unified Ip Phone 9971.

Vulnerability Description

The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to obtain sensitive information by sniffing the network, aka Bug ID CSCuq12117.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Cisco	Unified Ip Phones 9900 Series Firmware	<= 9.4\(.1\)
Cisco	Unified Ip Phone 9951	All versions
Cisco	Unified Ip Phone 9971	All versions

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2015-0602?

CVE-2015-0602 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to obtain sensitive information by sniffing the network, aka Bug ID CSCuq12117.

How severe is CVE-2015-0602?

CVE-2015-0602 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-0602?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Ip Phones 9900 Series Firmware, Cisco Unified Ip Phone 9951, Cisco Unified Ip Phone 9971.