CVE-2015-0603 — MEDIUM (4.6)

Q: How severe is CVE-2015-0603?

CVE-2015-0603 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-0603?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Ip Phones 9900 Series Firmware, Cisco Unified Ip Phone 9951, Cisco Unified Ip Phone 9971.

Vulnerability Description

Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified files, which allows local users to cause a denial of service (persistent hang or reboot) by writing to a phone's filesystem, aka Bug ID CSCup90474.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:S/C:N/I:N/A:C

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Cisco	Unified Ip Phones 9900 Series Firmware	<= 9.4\(.1\)
Cisco	Unified Ip Phone 9951	All versions
Cisco	Unified Ip Phone 9971	All versions

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2015-0603?

CVE-2015-0603 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified files, which allows local users to cause a denial of service (persistent hang or reboot) by writing ...

How severe is CVE-2015-0603?

CVE-2015-0603 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-0603?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Ip Phones 9900 Series Firmware, Cisco Unified Ip Phone 9951, Cisco Unified Ip Phone 9971.