CVE-2019-12708— Cisco SPA100 Series Analog Telephone Adapters 信息泄露漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2019-12708の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Cisco SPA100 Series Analog Telephone Adapters Administrative Credentials Information Disclosure Vulnerability
ソース: NVD (National Vulnerability Database)
脆弱性説明
A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to unsafe handling of user credentials. An attacker could exploit this vulnerability by viewing portions of the web-based management interface of an affected device. A successful exploit could allow the attacker to access administrative credentials and potentially gain elevated privileges by reusing stolen credentials on the affected device.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
信息暴露
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Cisco SPA100 Series Analog Telephone Adapters 信息泄露漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Cisco SPA100 Series Analog Telephone Adapters(ATAs)是美国思科(Cisco)公司的一款SPA100系列模拟电话适配器。 使用1.4.1 SR3及之前版本固件的Cisco SPA100 Series ATAs中基于Web的管理界面存在信息泄露漏洞,该漏洞源于程序没有正确处理用户凭证。远程攻击者可通过查看部分管理界面利用该漏洞访问管理凭证并可能获取提升的权限。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| Cisco | Cisco SPA112 2-Port Phone Adapter | unspecified ~ n/a | - |
II. CVE-2019-12708の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2019-12708のインテリジェンス情報
请登录查看更多情报信息。
- https://www.tenable.com/security/research/tra-2019-44x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2019-12708
Same Patch Batch · Cisco · 2019-10-16 · 41 CVEs total
| CVE-2019-15240 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15250 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15251 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15247 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15248 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15246 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15244 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15245 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15242 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15243 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15249 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15241 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-12705 | Cisco Expressway Series and TelePresence Video Communication Server Cross-Site Scripting V | |
| CVE-2019-12718 | Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability | |
| CVE-2019-12703 | Cisco SPA122 ATA with Router Devices DHCP Services Cross-Site Scripting Vulnerability | |
| CVE-2019-12704 | Cisco SPA100 Series Analog Telephone Adapters Web-Based Management Interface File Disclosu | |
| CVE-2019-12638 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability | |
| CVE-2019-12702 | Cisco SPA100 Series Analog Telephone Adapters Reflected Cross-Site Scripting Vulnerability | |
| CVE-2019-12636 | Cisco Small Business Smart and Managed Switches Cross-Site Request Forgery Vulnerability | |
| CVE-2019-12637 | Cisco Identity Services Engine Multiple Stored Cross-Site Scripting Vulnerabilities |
Showing 20 of 41 CVEs. View all on vendor page →
IV. 関連脆弱性
- CVE-2019-15257
Cisco SPA100 Series Analog Telephone Adapters Running Config - CVE-2019-15258
Cisco SPA100 Series Analog Telephone Adapters Web Management - CVE-2019-15252
Cisco SPA100 Series Analog Telephone Adapters Remote Code Ex - CVE-2019-15251
Cisco SPA100 Series Analog Telephone Adapters Remote Code Ex - CVE-2019-15249
Cisco SPA100 Series Analog Telephone Adapters Remote Code Ex
同じベンダー: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
同じ弱点: CWE-200
- CVE-2026-42333
quarkus-openapi-generator has overly broad path-parameter ma - CVE-2026-8198
Activity Logs, User Activity Tracking, Multisite Activity Lo - CVE-2026-42456
AnythingLLM: Cross-User TTS Audio Disclosure via Chat ID (ID - CVE-2026-41520
Cillium exposes sensitive information included in the cilium - CVE-2026-25199
Apache CloudStack: Proxmox Extension Allows Unauthorized Cro
V. CVE-2019-12708へのコメント
まだコメントはありません