Vulnerability Description
A vulnerability classified as problematic was found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument Cookie leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249256.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Poly | Ccx 400 Firmware | - |
| Poly | Ccx 400 | - |
| Poly | Ccx 600 Firmware | - |
| Poly | Ccx 600 | - |
| Poly | Trio 8800 Firmware | - |
| Poly | Trio 8800 | - |
| Poly | Trio C60 Firmware | - |
| Poly | Trio C60 | - |
Related Weaknesses (CWE)
References
- https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11919.htmlNot Applicable
- https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices
- https://modzero.com/en/advisories/mz-23-01-poly-voip/
- https://vuldb.com/?ctiid.249256Permissions Required
- https://vuldb.com/?id.249256Third Party Advisory
- https://modzero.com/en/blog/multiple-vulnerabilities-in-poly-products/ExploitThird Party Advisory
- https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11919.htmlNot Applicable
- https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices
- https://modzero.com/en/advisories/mz-23-01-poly-voip/
- https://vuldb.com/?ctiid.249256Permissions Required
- https://vuldb.com/?id.249256Third Party Advisory
FAQ
What is CVE-2023-4463?
CVE-2023-4463 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability classified as problematic was found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of ...
How severe is CVE-2023-4463?
CVE-2023-4463 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-4463?
Check the references section above for vendor advisories and patch information. Affected products include: Poly Ccx 400 Firmware, Poly Ccx 400, Poly Ccx 600 Firmware, Poly Ccx 600, Poly Trio 8800 Firmware.