This page lists publicly disclosed CVE vulnerabilities affecting cisco skinny_client_control_protocol_software (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-15434 | A vulnerability in the web-based management interface of Cisco Unified IP Phone 7900 Series could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful | [email protected] | 6.1 | 0.33% | 2018-10-05 | 2024-11-21 |
| CVE-2012-5445 | The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software before 9.3.1-ES10 does not properly validate unspecified system calls, which allows attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a crafted binary. | [email protected] | 6.8 | 0.36% | 2012-12-28 | 2026-04-29 |
| CVE-2011-1637 | Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 do not properly verify signatures for software images, which allows local users to gain privileges via a crafted image, aka Bug ID CSCtn65962. | [email protected] | 1.5 | 0.08% | 2011-06-02 | 2026-04-29 |
| CVE-2011-1603 | Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 allow local users to gain privileges via unspecified vectors, aka Bug ID CSCtn65815. | [email protected] | 6.6 | 0.06% | 2011-06-02 | 2026-04-29 |
| CVE-2011-1602 | The su utility on Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.0.3 allows local users to gain privileges via unspecified vectors, aka Bug ID CSCtf07426. | [email protected] | 6.6 | 0.06% | 2011-06-02 | 2026-04-29 |
| CVE-2002-0882 | The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script. | [email protected] | 6.4 | 1.73% | 2002-10-04 | 2026-04-16 |
| CVE-2002-0881 | Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings. | [email protected] | 2.1 | 0.22% | 2002-10-04 | 2026-04-16 |
| CVE-2002-0880 | Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allow remote attackers to cause a denial of service (crash) via malformed packets as demonstrated by (1) "jolt", (2) "jolt2", (3) "raped", (4) "hping2", (5) "bloop", (6) "bubonic", (7) "mutant", (8) "trash", and (9) "trash2." | [email protected] | 5.0 | 0.66% | 2002-10-04 | 2026-04-16 |