Question 1

What is CVE-2020-3161 — Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability?

Accepted Answer

Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service (DoS) condition.

Question 2

What is the authoritative source for CVE-2020-3161?

Accepted Answer

Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability (CVE-2020-3161) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVE-2020-3161Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability

Description

Scoring

CISA KEV entry

(incoming)1

Related by meaning· 6