CVE-2022-20660
Published Jan 14, 2022
Last updated a year ago
Overview
- Description
- A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 4.6
- Impact score
- 3.6
- Exploitability score
- 0.9
- Vector string
- CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_7832:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6592E7FE-346E-4923-97C2-F5298DC802A3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E42261E2-07EC-416E-A65C-7D85584DED32",
"versionEndExcluding": "14.1\\(1\\)"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B9BC28D-0BC0-45CB-A87B-59F407F3A210",
"versionEndExcluding": "14.1\\(1\\)"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7811:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D7260C17-7067-47AD-995F-366A5E8B10E7"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7811_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38F67250-E4D0-48BE-928E-EF1BB4005940",
"versionEndExcluding": "14.1\\(1\\)"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7821:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AE7AFFF0-5B21-400B-B923-E9B7FCCE08FA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7821_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD40B5EB-D356-42D4-9464-67D0481460A9",
"versionEndExcluding": "14.1\\(1\\)"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7841:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "73CF8A50-11BD-4506-BF2A-CCA36BF59EFF"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7841_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "67895EA8-C707-4228-A8A2-4654E2B912CA",
"versionEndExcluding": "14.1\\(1\\)"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7861:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E52C420C-FD54-4BE4-8720-E05307D53520"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7861_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F83ED1C8-1655-46EC-B1F5-4BD1D519057D",
"versionEndExcluding": "14.1\\(1\\)"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8811:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D0CC3127-3152-4906-9FE0-BC6F21DCADAA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "41F875DA-AF0C-49CE-8BC5-DD1E0702FACF",
"versionEndExcluding": "14.1\\(1\\)"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8841:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7944CC9C-AE08-4F30-AF65-134DADBD0FA1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFACDCE6-95B3-45A7-86D3-18F3A78D5AF7",
"versionEndExcluding": "14.1\\(1\\)"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "280BC438-AF6B-464B-A283-CE183C06E13B",
"versionEndExcluding": "14.1\\(1\\)"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8845:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A313E64A-F43C-4FBA-A389-6171CBD709C0"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64E92C6B-5BA7-4C5F-B262-AE20F3951923",
"versionEndExcluding": "14.1\\(1\\)"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8851:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8AF6DC5E-F582-445E-BF05-2D55A0954663"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1E3B94C-BA7B-481A-AF4D-2FCF5E81D7B6",
"versionEndExcluding": "14.1\\(1\\)"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9A7F857-A3D7-43DA-8E94-FDA0EE542C39",
"versionEndExcluding": "14.1\\(1\\)"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_conference_phone_8831_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22846195-008E-4D1B-A0C3-3364B141EC5F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_conference_phone_8831:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "660475FD-8475-4968-9ED2-D83461B9A5D4"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_conference_phone_8831_for_third-party_call_control_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5699693-DBEC-429F-B67E-0B1625818FAB"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_conference_phone_8831_for_third-party_call_control:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EA7AA843-E37E-42A0-BD4C-9710BDD50D9B"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_7945g_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "361613B3-A977-4E2A-8D41-EDE85F1D9623"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7945g:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5980E646-CA07-4222-A9DD-A71306A4A678"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_7965g_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F52E0123-63EF-40FB-85B7-2C2838CBF3BF"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7965g:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FF30D1CC-D27F-49FF-9C63-BB890002D1C2"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_7975g_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "415AE68B-E623-4B95-89CA-1F3C2C96A33C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7975g:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8BA879B6-04D6-402A-8F38-8A7CB34D76F4"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_sip_phone_3905_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D1B36FBC-7879-4AE5-8D28-2A5BE8C88356",
"versionEndExcluding": "9.4\\(1\\)sr5"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_sip_phone_3905:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "14E1313A-F2D4-4F40-BC50-2D1BA2BBB4C7"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59A19DB2-1E3A-40AC-B265-878E9B568E8C",
"versionEndExcluding": "11.0\\(6\\)sr2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wireless_ip_phone_8821:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F97DF354-7690-417E-B223-72C8BDA36DA7"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "039BF626-1168-44E3-90E4-0C2BE311FA3E",
"versionEndExcluding": "11.0\\(6\\)sr2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wireless_ip_phone_8821-ex:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "26CAE4C7-EADB-41A9-BE48-1A4F3D8D3D7A"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]