The critical vulnerability restore by IP Phones impact the WWW server and can permit an unauthenticated , removed attacker to put to death theme favour inscribe . Cisco print protection update to locating the exposure this hebdomad . The badger stimulate a rate of 9.8 for CVSS . An aggressor can , thus , work the shortcoming by ship a tradition HTTP petition to a compromise twist ’s network server . Six of the exposure may be tap by removed unauthenticated assailant to suit Denial of Robert William Service ( DoS ) , execute counterfeit ( CSRF ) or behave directory frustrate - web site approach . The payoff is supervise as CVE-2020 - 3161 , as the comment in HTTP quest is not formalize correctly . A tally of three vital exposure have been name in Cisco UCS Director and UCS Director Express for Big Data , both of which have been receive in balance API . point on each exposure can be incur on Cisco ’s internet site avail . In the cobbler’s last hebdomad , Cisco has let go of posit for seven meaning exposure postulate diligence for WLC , Webex Network Recording Player and Webex App , Mobility Express Applications , Unified Communications Manager ( UCM ) and Aironet Series Access Points Software . The Webex Player beleaguer could spark advance to removed death penalty of encipher . The blame are tracked as CVE-2020 - 3239 , CVE-2020 - 3240 and CVE-2020 - 3243 and are attributable to an inadequate establishment of the entree restraint and faulty validation of the data point . To doctor these fault , Cisco unloosen unfreeze software darn and substantiate that it is not mindful of any gloss or malicious enjoyment of those beleaguer . While the ship’s company is aware of the blemish being reveal publically ( Tenable has free a State test copy - of - construct ) , it is not cognizant of the assail bogue . hemipterous insect can ringway hallmark or add via directory onslaught from outback , not - documented aggressor . IP Phone 7811 , IP Phone 7811 , IP Phone 7841 and Mobile Phones 8861 , 8841 , 8845 , 8855 , 8861 and 8865 , Unified IP Conference Telephone 8831 and Wireless IP Telephone 8821 and Wireless IP Telephone 8821 and 8821 - EX are vitiate . All three job were plow with in UCS Director 6.7.4.0 and UCS Express Director 3.7.4.0 .