CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2007-5468
https://notcve.org/view.php?id=CVE-2007-5468
Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authentication forward attack"). Cisco CallManager 5.1.1.3000-5 no verifica el URI de cabecera de autenticación de resumen contra la URI de petición en mensajes SIP, lo cual permite a atacantes remotos utilizar credenciales de autenticación de resumen rastreadas para invocar números de teléfono de su elección o suplantar el identificador del emisor (también conocido como "fraude de aduana y ataque de reenvío de autenticación"). • http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066581.html http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066691.html http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066694.html http://secunia.com/advisories/27231 http://www.securityfocus.com/bid/26057 http://www.vupen.com/english/advisories/2007/3534 https://exchange.xforce.ibmcloud.com/vulnerabilities/37197 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 31EXPL: 2CVE-2007-4634 – Cisco CallManager 4.2 / CUCM 4.2 - Logon Page 'lang' SQL Injection
https://notcve.org/view.php?id=CVE-2007-4634
Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands via the lang variable to the (1) user or (2) admin logon page, aka CSCsi64265. Múltiples vulnerabilidades de inyección SQL en Cisco CallManager y Unified Communications Manager (CUCM) versiones anteriores a 3.3(5)sr2b, 4.1 versiones anteriores a 4.1(3)sr5, 4.2 versiones anteriores a 4.2(3)sr2, y 4.3 versiones anteriores a 4.3(1)sr1, permiten a atacantes remotos ejecutar comandos SQL de su elección mediante la variable lang en la página de acceso de (1) usuario ó (2) administrador, también conocido como CSCsi64265. • https://www.exploit-db.com/exploits/30541 http://secunia.com/advisories/26641 http://securitytracker.com/id?1018624 http://www.cisco.com/en/US/products/products_security_advisory09186a00808ae327.shtml http://www.securityfocus.com/bid/25480 http://www.vupen.com/english/advisories/2007/3010 https://exchange.xforce.ibmcloud.com/vulnerabilities/36326 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 0CVE-2007-4633
https://notcve.org/view.php?id=CVE-2007-4633
Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Cisco CallManager y Unified Communications Manager (CUCM) versiones anteriores a 3.3(5)sr2b, 4.1 versiones anteriores a 4.1(3)sr5, 4.2 versiones anteriores a 4.2(3)sr2, y 4.3 versiones anteriores a 4.3(1)sr1, permite a atacantes remotos inyectar scripts web o HTML de su elección mediante la variable lang en la página de acceso de (1) usuario ó (2) administrador, también conocido como CSCsi10728. • http://secunia.com/advisories/26641 http://securitytracker.com/id?1018624 http://www.cisco.com/en/US/products/products_security_advisory09186a00808ae327.shtml http://www.securityfocus.com/bid/25480 http://www.vupen.com/english/advisories/2007/3010 https://exchange.xforce.ibmcloud.com/vulnerabilities/36325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 2CVE-2007-2832 – Cisco CallManager 4.1 - Search Form Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-2832
Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to CCMAdmin/serverlist.asp (aka the search-form) and possibly other unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la aplicación web de cortafuegos de Cisco CallManager anterior a 3.3(5)sr3, 4.1 anterior a 4.1(3)sr5, 4.2 anterior a 4.2(3)sr2, y 4.3 anterior a 4.3(1)sr1 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante el parámetro pattern a CCMAdmin/serverlist.asp (también conocido como formulario de búsqueda) y posiblemente otros vectores no especificados. • https://www.exploit-db.com/exploits/30077 http://marc.info/?l=full-disclosure&m=117993122727006&w=2 http://secunia.com/advisories/25377 http://www.cisco.com/en/US/products/products_security_response09186a0080849272.html http://www.osvdb.org/35337 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2977 http://www.securityfocus.com/bid/24119 http://www.securitytracker.com/id?1018105 http://www.vupen.com/english/advisories/2007/1922 https://exchange.xforce.ibmcloud.com/vulnerabilit •
CVSS: 3.5EPSS: 0%CPEs: 40EXPL: 0CVE-2007-1467
https://notcve.org/view.php?id=CVE-2007-1467
Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en (1) PreSearch.html y (2) PreSearch.class en Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks y productos relacionados, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), y Wireless Control System (WCS) permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de campos de texto de un formulario de búsqueda. • http://secunia.com/advisories/24499 http://securityreason.com/securityalert/2437 http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html http://www.securityfocus.com/archive/1/462932/100/0/threaded http://www.securityfocus.com/archive/1/462944/100/0/threaded http://www.securityfocus.com/bid/22982 http://www.securitytracker.com/id?1017778 http://www.vupen.com/english/advisories/2007/0973 https://exchange.xforce.ibmcloud.com/vulnerabilities/33024 •