1 results (0.003 seconds)
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5468
https://notcve.org/view.php?id=CVE-2007-5468
16 Oct 2007 — Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authentication forward attack"). Cisco CallManager 5.1.1.3000-5 no verifica el URI de cabecera de autenticación de resumen contra la URI de petición en mensajes SIP, lo cual permite a atacantes remotos utilizar credenciales de auten... • http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066581.html • CWE-264: Permissions, Privileges, and Access Controls •