{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T21:33:25.137","vulnerabilities":[{"cve":{"id":"CVE-2018-0325","sourceIdentifier":"psirt@cisco.com","published":"2018-05-17T03:29:00.810","lastModified":"2024-11-21T03:37:58.917","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to incomplete input validation of SIP Session Description Protocol (SDP) parameters by the SDP parser of an affected phone. An attacker could exploit this vulnerability by sending a malformed SIP packet to an affected phone. A successful exploit could allow the attacker to cause all active phone calls on the affected phone to be dropped while the SIP process on the phone unexpectedly restarts, resulting in a DoS condition. Cisco Bug IDs: CSCvf40066."},{"lang":"es","value":"Una vulnerabilidad en la funcionalidad de gestión de llamadas SIP (Session Initiation Protocol) de los teléfonos Session Initiation Protocol de las series 7800 y 8800 podría permitir que un atacante remoto no autenticado provoque una denegación de servicio (DoS) en un teléfono afectado. La vulnerabilidad se debe a la validación de entradas incorrecta de los parámetros SIP Session Description Protocol (SDP) mediante el analizador SDP de un teléfono afectado. Un atacante podría explotar esta vulnerabilidad enviando una un paquete SIP mal formado al teléfono afectado. Su explotación con éxito podría permitir que el atacante provoque que todas las llamadas de teléfono activas en el teléfono afectado se cuelguen mientras el proceso SIP se reinicia inesperadamente, lo que resulta en una condición de denegación de servicio (DoS). Cisco Bug IDs: CSCvf40066."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ip_phone_8800_firmware:9.4\\(2\\)sr4:*:*:*:*:*:*:*","matchCriteriaId":"0F47D1FC-4F02-4118-B9A8-CEAC06A9FAEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ip_phone_8800_firmware:10.3\\(1\\)sr4:*:*:*:*:*:*:*","matchCriteriaId":"F63E0334-2895-410E-BCE9-95A73825AF8F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*","matchCriteriaId":"C1BBEA07-3154-4270-B865-D4AD26EB3B42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ip_phone_7800_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"12.1\\(1.12\\)","matchCriteriaId":"00D16986-6C5D-4DF1-8B4C-107D7E715C62"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ip_phone_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"EF03D5F2-0483-409B-90F0-A1430774A258"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ip_phone_7800_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"12.1\\(1\\)mn130","matchCriteriaId":"B88BCB29-F97D-4CEE-B350-CC74F5046E66"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:ip_phone_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"EF03D5F2-0483-409B-90F0-A1430774A258"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/104202","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1040927","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-ip-phone-dos","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/104202","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1040927","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-ip-phone-dos","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}