VDB
CVE-2021-34711
CVE-2021-34711
PUBLISHED
CVSS 2.0999999046325684 LOW
A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug shell command. A successful exploit could allow the attacker to read any file on the device file system.
EPSS 0.07% · 21.0th percentile
Risk Scores
CVSS 2.0
2.0999999046325684
EPSS Score
0.07%
21.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | ip_conference_phone_7832_firmware | 0 |
| cisco | ip_phone_7821_firmware | 0 |
| cisco | ip_conference_phone_8832_firmware | 0 |
| cisco | ip_phone_8811_firmware | 0 |
| cisco | ip_phone_8851_firmware | 0 |
| cisco | ip_phone_7811_firmware | 0 |
| cisco | ip_phone_7841_firmware | 0 |
| cisco | ip_phone_8831_firmware | 0 |
| cisco | ip_phone_8841_firmware | 0 |
| Cisco | Cisco IP Phones with Multiplatform Firmware | n/a |
| cisco | wireless_ip_phone_8821_firmware | 0 |
| cisco | ip_phone_7832_firmware | 0 |
| cisco | ip_phone_8861_firmware | 0 |
| cisco | ip_phones_8832_firmware | 0 |
| cisco | ip_phone_8865_firmware | 0 |
| cisco | ip_phone_8845_firmware | 0 |
| cisco | ip_phone_7861_firmware | 0 |
Exploit Intelligence
Timeline
- Oct 6, 2021 CVE Published
- Oct 7, 2021 EPSS Score
- Dec 3, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Jan 28, 2022 EPSS Score
- Mar 26, 2022 EPSS Score
- May 22, 2022 EPSS Score
- Jul 19, 2022 EPSS Score
- Sep 13, 2022 EPSS Score
- Nov 9, 2022 EPSS Score
- Jan 5, 2023 EPSS Score
- Mar 3, 2023 EPSS Score