CNNVD-202510-2101 Information

CNNVD ID

CNNVD-202510-2101

Related CVE

CVE-2025-20351

• CNNVD Published: 2025-10-15

Description (Chinese)

Cisco SIP Software是美国思科（Cisco）公司的一个SIP协议软件系统。 Cisco SIP Software存在跨站脚本漏洞，该漏洞源于web UI未充分验证用户输入，可能导致跨站脚本攻击。

Description (English)

Cisco SIP Software is a SIP protocol software system of Cisco. Cisco SIP Software had a cross-site script loophole, which originated from the failure of web UI to adequately verify user input and could lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

思科

Published

2025-10-15

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-dos-FPyjLV7A https://access.redhat.com/security/cve/cve-2025-20351 https://vigilance.fr/vulnerability/Cisco-IP-Phone-two-vulnerabilities-via-SIP-48507

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-dos-FPyjLV7A