CVE-2019-15258— Cisco SPA100 Series Analog Telephone Adapters 资源管理错误漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2019-15258の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Cisco SPA100 Series Analog Telephone Adapters Web Management Interface Denial of Service Vulnerability
ソース: NVD (National Vulnerability Database)
脆弱性説明
A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper validation of user-supplied requests to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to cause the device to stop responding, requiring manual intervention for recovery.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
资源管理错误
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Cisco SPA100 Series Analog Telephone Adapters 资源管理错误漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Cisco SPA100 Series Analog Telephone Adapters(ATAs)是美国思科(Cisco)公司的一款SPA100系列模拟电话适配器。 使用1.4.1 SR3及之前版本固件的Cisco SPA100 Series ATAs中基于Web的管理界面存在资源管理错误漏洞,该漏洞源于程序没有正确验证用户提交的请求。远程攻击者可通过发送特制的请求利用该漏洞造成拒绝服务。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| Cisco | Cisco SPA112 2-Port Phone Adapter | unspecified ~ n/a | - |
II. CVE-2019-15258の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2019-15258のインテリジェンス情報
请登录查看更多情报信息。
- https://www.tenable.com/security/research/tra-2019-44x_refsource_MISC
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-webui-dosvendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2019-15258
Same Patch Batch · Cisco · 2019-10-16 · 41 CVEs total
| CVE-2019-15241 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15251 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15247 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15248 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15246 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15244 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15245 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15242 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15243 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15240 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-15250 | Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities | |
| CVE-2019-12705 | Cisco Expressway Series and TelePresence Video Communication Server Cross-Site Scripting V | |
| CVE-2019-12708 | Cisco SPA100 Series Analog Telephone Adapters Administrative Credentials Information Discl | |
| CVE-2019-12718 | Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability | |
| CVE-2019-12703 | Cisco SPA122 ATA with Router Devices DHCP Services Cross-Site Scripting Vulnerability | |
| CVE-2019-12704 | Cisco SPA100 Series Analog Telephone Adapters Web-Based Management Interface File Disclosu | |
| CVE-2019-12638 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability | |
| CVE-2019-12702 | Cisco SPA100 Series Analog Telephone Adapters Reflected Cross-Site Scripting Vulnerability | |
| CVE-2019-12636 | Cisco Small Business Smart and Managed Switches Cross-Site Request Forgery Vulnerability | |
| CVE-2019-12637 | Cisco Identity Services Engine Multiple Stored Cross-Site Scripting Vulnerabilities |
Showing 20 of 41 CVEs. View all on vendor page →
IV. 関連脆弱性
- CVE-2019-15257
Cisco SPA100 Series Analog Telephone Adapters Running Config - CVE-2019-15252
Cisco SPA100 Series Analog Telephone Adapters Remote Code Ex - CVE-2019-15251
Cisco SPA100 Series Analog Telephone Adapters Remote Code Ex - CVE-2019-15250
Cisco SPA100 Series Analog Telephone Adapters Remote Code Ex - CVE-2019-15249
Cisco SPA100 Series Analog Telephone Adapters Remote Code Ex
同じベンダー: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
V. CVE-2019-15258へのコメント
まだコメントはありません