Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Cisco IP Phone 7940 -Vulnerability issue

Hi,

As per the vulnerability report (Qualys Guard), we are seeing couple of vulnerabilities wrt 7940 IP Phones.

The report says...

OS:

Linux 2.4-2.6 / Embedded Device / F5 Networks Big-IP

Issue:

Web Server/ Web Application Vulnerable to Cross-Site Scripting Attacks

Threat:

Your Web server/application does not filter script embedding from links displayed on a server's Web site.

Pls suggest what action needs to be take to resolve this issue.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Gold

Re: Cisco IP Phone 7940 -Vulnerability issue

Because the phone is not really a web site and does not supports scripting at all.

You can also disable web access and that's it.

3 REPLIES
Hall of Fame Super Gold

Cisco IP Phone 7940 -Vulnerability issue

False alarm, no action needed.

New Member

Cisco IP Phone 7940 -Vulnerability issue

Hi,

Thanks for the update.

Any additional inputs how it could be a false alarm.

Regards

Jagadish G

Hall of Fame Super Gold

Re: Cisco IP Phone 7940 -Vulnerability issue

Because the phone is not really a web site and does not supports scripting at all.

You can also disable web access and that's it.

241
Views
0
Helpful
3
Replies
CreatePlease to create content