Preview Tool

Cisco Bug: CSCvu16168 - Evaluation of sl-wireless-phones for Method Confusion Pairing Vulnerability for LE and BR/EDR Implem

Last Modified

Sep 03, 2020

Products (1)

  • Cisco IP Phone 8800 Series

Known Affected Releases

11.0(5)MN169 11.0(5)SR3

Description (partial)


This issue is under review by the Cisco Product Security Incident Response
team (PSIRT).

The defect describes a product security vulnerability.  Its contents must
be protected from unauthorized disclosure, both internal and external to
Cisco. Do not forward this information to mailing lists or newsgroups.

Documentation writers: it is prohibited to publish this Release-note
Enclosure (RNE) until the content has been approved by PSIRT.  PSIRT may
publish a Security Advisory regarding this defect, and the current text of
this RNE will be replaced with appropriate information.  In the event that
a Security Advisory is not published, PSIRT will replace this text with an
appropriate explanation.

More information on PSIRT is available at http//
Cisco's public policy on security vulnerability handling can be reviewed at
For further information, send a message to

This product includes a version of  Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) or Bluetooth Low Energy (LE) protocol stack  that is affected by the vulnerability named  Method Confusion Pairing and identified by the following Common Vulnerability and Exposures (CVE) ID:


This bug was opened to address the potential impact on this product.

Device with default configuration.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.