Cisco Bug: CSCup90458 - Webs Popen Shell Command Execution Vulnerability
Jun 11, 2020
- Cisco Unified IP Phones 9900 Series
Known Affected Releases
Symptoms: There was a concern that the Peer Firmware Sharing feature had an input validation issue. After extensive discussion it was determined that the input was not actually used anywhere in the system and that this is not a vulnerability. This is a modification on the product to adopt new secure code best practices to enhance the security posture and resiliency of the product. Conditions: Device configured with default configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases