6.5

CVE-2006-0367

Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain full administrative privileges via a "crafted URL on the CCMAdmin web page."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoCall Manager Version1.0
CiscoCall Manager Version2.0
CiscoCall Manager Version3.0
CiscoCall Manager Version3.1
CiscoCall Manager Version3.2
CiscoCall Manager Version3.3
CiscoCall Manager Version4.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.12% 0.795
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 8 6.4
AV:N/AC:L/Au:S/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/18501
Patch
Vendor Advisory
http://securitytracker.com/id?1015502
Patch
http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmpe.shtml
Patch
Vendor Advisory
http://www.osvdb.org/22621
Patch
http://www.securityfocus.com/bid/16293
http://www.vupen.com/english/advisories/2006/0250
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/24172