How severe is CVE-2024-20357?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2024-20357?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2024-20357

MEDIUM Year: 2024

CVSS v3 Score

5.9

Medium

Weakness Type

CWE-787

View all →

Vulnerability Description

A vulnerability in the XML service of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to initiate phone calls on an affected device. This vulnerability exists because bounds-checking does not occur while parsing XML requests. An attacker could exploit this vulnerability by sending a crafted XML request to an affected device. A successful exploit could allow the attacker to initiate calls or play sounds on the device.

CVE-2016-4429

MEDIUM

CVSS:5.9(Medium)

Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecifi...

CWE-7872016

CVE-2016-7178

MEDIUM

CVSS:5.9(Medium)

epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a d...

CWE-7872016

CVE-2017-17160

MEDIUM

CVSS:5.9(Medium)

Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S...

CWE-7872017

CVE-2017-17217

MEDIUM

CVSS:5.9(Medium)

Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V6...

CWE-7872017

CVE-2018-16880

MEDIUM

CVSS:5.9(Medium)

A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a...

CWE-7872018

CVE-2018-17156

MEDIUM

CVSS:5.9(Medium)

In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to incorrectly accounting for padding on 64-bit platforms, a buffer underwrite could occur when constructing an ICMP reply packet when u...

CWE-7872018

CVE-2024-20357

Vulnerability Description

Related Vulnerabilities

CVE-2016-4429

CVE-2016-7178

CVE-2017-17160

CVE-2017-17217

CVE-2018-16880

CVE-2018-17156