Showing 1 - 1 of 1

CVE-2022-20660

Status Candidate

Overview

A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks.

Related Files

Cisco IP Phone Cleartext Password Storage: Posted Jan 17, 2022; Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com; Cisco IP Phone Series 78x1, 88x5, 88x1, 7832, 8832, 8821 and 3905 suffer from an insecure password storage vulnerability.; tags | exploit; systems | cisco; advisories | CVE-2022-20660; SHA-256 | 448c7c5cfcae3fc7bd414ad5be07cfbb1b7d955c723ac1c0f73d5e456f4c69e5; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 229 files
Ubuntu 95 files
Gentoo 33 files
Debian 24 files
Google Security Research 19 files
Mirabbas Agalarov 16 files
indoushka 13 files
CraCkEr 10 files
Apple 9 files
Ivan Fratric 8 files

File Archives

Systems

AIX (428)
Apple (1,979)
BSD (373)
CentOS (57)
Cisco (1,920)
Debian (6,753)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,321)
HPUX (879)
iOS (344)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,767)
Mac OS X (685)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (13,304)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,624)
UNIX (9,235)
UnixWare (186)
Windows (6,555)
Other

CVE-2022-20660

Overview

Related Files

File Archive:

May 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems