2 results (0.009 seconds)

CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0

The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063. El interfaz de linea de comando (CLI) en Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, y 7971G, con firmware 8.0(4)SR1 y anteriores permite a usuarios locales obtener privilegios o provocar denegación de servicio a través de vectores no especificados. NOTA: este asunto podría estar apalancada remotamente a través de CVE-2007-1063. • http://osvdb.org/33064 http://secunia.com/advisories/24262 http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml http://www.securityfocus.com/bid/22647 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 1%CPEs: 12EXPL: 0

The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device. El servidor SSH en Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, y 7971G, con firmware 8.0(4)SR1 y anteriores, utiliza un nombre de usuario y contraseña fuertemente codificada, lo cual permite a atacantes remotos acceder al dispositivo. • http://osvdb.org/45246 http://secunia.com/advisories/24262 http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml http://www.securityfocus.com/bid/22647 http://www.securitytracker.com/id?1017681 http://www.vupen.com/english/advisories/2007/0689 https://exchange.xforce.ibmcloud.com/vulnerabilities/32627 • CWE-798: Use of Hard-coded Credentials •