CVE-2007-5468

EPSS 0.56%
Veröffentlicht 16.10.2007 00:17:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authentication forward attack").

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Call Manager Version5.1.1.3000

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.56%	0.656

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066581.html

http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066691.html

http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066694.html

http://secunia.com/advisories/27231

http://www.securityfocus.com/bid/26057

http://www.vupen.com/english/advisories/2007/3534

https://exchange.xforce.ibmcloud.com/vulnerabilities/37197

https://nvd.nist.gov/vuln/detail/CVE-2007-5468

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-5468

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-5468

EUVD