CVE-2024-20376 - Vulnerability Details

A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS condition.

This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00471.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco Subscribe	Ip Phone 6821 Subscribe Ip Phone 6821 With Multiplatform Firmware Subscribe Ip Phone 6841 Subscribe Ip Phone 6841 With Multiplatform Firmware Subscribe Ip Phone 6851 Subscribe Ip Phone 6851 With Multiplatform Firmware Subscribe Ip Phone 6861 Subscribe Ip Phone 6861 With Multiplatform Firmware Subscribe Ip Phone 6871 Subscribe Ip Phone 6871 With Multiplatform Firmware Subscribe Ip Phone 7811 Subscribe Ip Phone 7811 With Multiplatform Firmware Subscribe Ip Phone 7821 Subscribe Ip Phone 7821 With Multiplatform Firmware Subscribe Ip Phone 7832 Subscribe Ip Phone 7832 With Multiplatform Firmware Subscribe Ip Phone 7841 Subscribe Ip Phone 7841 With Multiplatform Firmware Subscribe Ip Phone 7861 Subscribe Ip Phone 7861 With Multiplatform Firmware Subscribe Ip Phone 8811 Subscribe Ip Phone 8811 With Multiplatform Firmware Subscribe Ip Phone 8832 Subscribe Ip Phone 8832 With Multiplatform Firmware Subscribe Ip Phone 8841 Subscribe Ip Phone 8841 With Multiplatform Firmware Subscribe Ip Phone 8845 Subscribe Ip Phone 8845 With Multiplatform Firmware Subscribe Ip Phone 8851 Subscribe Ip Phone 8851 With Multiplatform Firmware Subscribe Ip Phone 8861 Subscribe Ip Phone 8861 With Multiplatform Firmware Subscribe Ip Phone 8865 Subscribe Ip Phone 8865 With Multiplatform Firmware Subscribe Ip Phone Firmware Subscribe Video Phone 8875 Subscribe Video Phone 8875 Firmware Subscribe

Configuration 1 [-]

AND

cpe:2.3:o:cisco:video_phone_8875_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:video_phone_8875:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:cisco:ip_phone_6821_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_6821:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:cisco:ip_phone_6841_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_6841:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:cisco:ip_phone_6851_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_6851:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:cisco:ip_phone_6861_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_6861:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:cisco:ip_phone_6871_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_6871:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:cisco:ip_phone_7811_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_7811:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:cisco:ip_phone_7821_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_7821:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:cisco:ip_phone_7832_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_7832:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:cisco:ip_phone_7841_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_7841:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:cisco:ip_phone_7861_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_7861:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:cisco:ip_phone_8811_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_8811:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:cisco:ip_phone_8832_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_8832:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:cisco:ip_phone_8841_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_8841:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:cisco:ip_phone_8845_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_8845:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:cisco:ip_phone_8851_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_8851:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:cisco:ip_phone_8861_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:cisco:ip_phone_8865_with_multiplatform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Cisco Subscribe	Ip Phone Firmware Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2024-18091	A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS condition. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-multi-vulns-cXAhCvS

History

Mon, 05 Jan 2026 15:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco ip Phone 6821 Cisco ip Phone 6821 With Multiplatform Firmware Cisco ip Phone 6841 Cisco ip Phone 6841 With Multiplatform Firmware Cisco ip Phone 6851 Cisco ip Phone 6851 With Multiplatform Firmware Cisco ip Phone 6861 Cisco ip Phone 6861 With Multiplatform Firmware Cisco ip Phone 6871 Cisco ip Phone 6871 With Multiplatform Firmware Cisco ip Phone 7811 Cisco ip Phone 7811 With Multiplatform Firmware Cisco ip Phone 7821 Cisco ip Phone 7821 With Multiplatform Firmware Cisco ip Phone 7832 Cisco ip Phone 7832 With Multiplatform Firmware Cisco ip Phone 7841 Cisco ip Phone 7841 With Multiplatform Firmware Cisco ip Phone 7861 Cisco ip Phone 7861 With Multiplatform Firmware Cisco ip Phone 8811 Cisco ip Phone 8811 With Multiplatform Firmware Cisco ip Phone 8832 Cisco ip Phone 8832 With Multiplatform Firmware Cisco ip Phone 8841 Cisco ip Phone 8841 With Multiplatform Firmware Cisco ip Phone 8845 Cisco ip Phone 8845 With Multiplatform Firmware Cisco ip Phone 8851 Cisco ip Phone 8851 With Multiplatform Firmware Cisco ip Phone 8861 Cisco ip Phone 8861 With Multiplatform Firmware Cisco ip Phone 8865 Cisco ip Phone 8865 With Multiplatform Firmware Cisco video Phone 8875 Cisco video Phone 8875 Firmware
CPEs		cpe:2.3:h:cisco:ip_phone_6821:-:::::::* cpe:2.3:h:cisco:ip_phone_6841:-:::::::* cpe:2.3:h:cisco:ip_phone_6851:-:::::::* cpe:2.3:h:cisco:ip_phone_6861:-:::::::* cpe:2.3:h:cisco:ip_phone_6871:-:::::::* cpe:2.3:h:cisco:ip_phone_7811:-:::::::* cpe:2.3:h:cisco:ip_phone_7821:-:::::::* cpe:2.3:h:cisco:ip_phone_7832:-:::::::* cpe:2.3:h:cisco:ip_phone_7841:-:::::::* cpe:2.3:h:cisco:ip_phone_7861:-:::::::* cpe:2.3:h:cisco:ip_phone_8811:-:::::::* cpe:2.3:h:cisco:ip_phone_8832:-:::::::* cpe:2.3:h:cisco:ip_phone_8841:-:::::::* cpe:2.3:h:cisco:ip_phone_8845:-:::::::* cpe:2.3:h:cisco:ip_phone_8851:-:::::::* cpe:2.3:h:cisco:ip_phone_8861:-:::::::* cpe:2.3:h:cisco:ip_phone_8865:-:::::::* cpe:2.3:h:cisco:video_phone_8875:-:::::::* cpe:2.3:o:cisco:ip_phone_6821_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_6841_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_6851_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_6861_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_6871_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_7811_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_7821_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_7832_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_7841_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_7861_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_8811_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_8832_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_8841_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_8845_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_8851_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_8861_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:ip_phone_8865_with_multiplatform_firmware:::::::: cpe:2.3:o:cisco:video_phone_8875_firmware::::::::
Vendors & Products		Cisco ip Phone 6821 Cisco ip Phone 6821 With Multiplatform Firmware Cisco ip Phone 6841 Cisco ip Phone 6841 With Multiplatform Firmware Cisco ip Phone 6851 Cisco ip Phone 6851 With Multiplatform Firmware Cisco ip Phone 6861 Cisco ip Phone 6861 With Multiplatform Firmware Cisco ip Phone 6871 Cisco ip Phone 6871 With Multiplatform Firmware Cisco ip Phone 7811 Cisco ip Phone 7811 With Multiplatform Firmware Cisco ip Phone 7821 Cisco ip Phone 7821 With Multiplatform Firmware Cisco ip Phone 7832 Cisco ip Phone 7832 With Multiplatform Firmware Cisco ip Phone 7841 Cisco ip Phone 7841 With Multiplatform Firmware Cisco ip Phone 7861 Cisco ip Phone 7861 With Multiplatform Firmware Cisco ip Phone 8811 Cisco ip Phone 8811 With Multiplatform Firmware Cisco ip Phone 8832 Cisco ip Phone 8832 With Multiplatform Firmware Cisco ip Phone 8841 Cisco ip Phone 8841 With Multiplatform Firmware Cisco ip Phone 8845 Cisco ip Phone 8845 With Multiplatform Firmware Cisco ip Phone 8851 Cisco ip Phone 8851 With Multiplatform Firmware Cisco ip Phone 8861 Cisco ip Phone 8861 With Multiplatform Firmware Cisco ip Phone 8865 Cisco ip Phone 8865 With Multiplatform Firmware Cisco video Phone 8875 Cisco video Phone 8875 Firmware

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2024-05-01T16:43:15.553Z

Updated: 2024-08-01T21:59:42.187Z

Reserved: 2023-11-08T15:08:07.655Z

Link: CVE-2024-20376

Vulnrichment

Updated: 2024-08-01T21:59:42.187Z

NVD

Status : Analyzed

Published: 2024-05-01T17:15:28.407

Modified: 2026-01-05T14:57:58.600

Link: CVE-2024-20376

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-07-13T11:14:28Z

Weaknesses

CWE-787

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

Projects

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object