This vulnerability exists in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones. A successful exploit could allow an attacker to access certain parts of the web interface that would normally require authentication

Full description of the vulnerability is available on the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR

1.   Confirm whether you are using any of the impacted devices:

• IP Phone 7800 Series
• IP Phone 8800 Series
• IP Phone 8821

If you aren’t using these devices, no action is required.

2.   If you’re using the impacted devices listed above, upgrade them to the software firmware version greater than 14.1(1) SR2 for IP Phone 7800 and 8800 Series. Wireless IP Phone 8821 Series version should be greater than 11.0(6) SR4.

3.   To get the necessary software, go to the below links:

• IP Phone 7800 Series
• IP Phone 8800 Series
• Wireless IP Phone 8821

Log in will be required to your Cisco’s CCO download repository for this page.