Home

Description

Malicious use of a stolen cookie might allow modifications to the contents of the IP phone’s webpage.

PUBLISHED Reserved 2026-04-08 | Published 2026-07-08 | Updated 2026-07-09 | Assigner hp




MEDIUM: 6.0CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-352 Cross-Site request forgery (CSRF)

Product status

Default status
unknown

Any version before 9.50
affected

Default status
unknown

Any version before 8.6.0
affected

Default status
unknown

Any version before 9.5.0
affected

References

support.hp.com/...ument/ish_15255241-15255270-16/hpsbpy04109

cve.org (CVE-2026-5923)

nvd.nist.gov (CVE-2026-5923)

Download JSON