Vulnerabilites related to cisco - unified_ip_phone_firmware_7961g
CVE-2007-1063 (GCVE-0-2007-1063)
Vulnerability from cvelistv5
Published
2007-02-22 01:00
Modified
2024-08-07 12:43
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/32627 | vdb-entry, x_refsource_XF | |
| http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml | vendor-advisory, x_refsource_CISCO | |
| http://osvdb.org/45246 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/24262 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/0689 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/22647 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1017681 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.505Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-unified-ip-phone-default-user-account(32627)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32627"
},
{
"name": "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
},
{
"name": "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
},
{
"name": "45246",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45246"
},
{
"name": "24262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24262"
},
{
"name": "ADV-2007-0689",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0689"
},
{
"name": "22647",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22647"
},
{
"name": "1017681",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017681"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cisco-unified-ip-phone-default-user-account(32627)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32627"
},
{
"name": "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
},
{
"name": "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
},
{
"name": "45246",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45246"
},
{
"name": "24262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24262"
},
{
"name": "ADV-2007-0689",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0689"
},
{
"name": "22647",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22647"
},
{
"name": "1017681",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017681"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "[email protected]",
"ID": "CVE-2007-1063",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-unified-ip-phone-default-user-account(32627)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32627"
},
{
"name": "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
},
{
"name": "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
},
{
"name": "45246",
"refsource": "OSVDB",
"url": "http://osvdb.org/45246"
},
{
"name": "24262",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24262"
},
{
"name": "ADV-2007-0689",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0689"
},
{
"name": "22647",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22647"
},
{
"name": "1017681",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017681"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1063",
"datePublished": "2007-02-22T01:00:00",
"dateReserved": "2007-02-21T00:00:00",
"dateUpdated": "2024-08-07T12:43:22.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1072 (GCVE-0-2007-1072)
Vulnerability from cvelistv5
Published
2007-02-22 22:00
Modified
2024-08-07 12:43
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml | vendor-advisory, x_refsource_CISCO | |
| http://secunia.com/advisories/24262 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/22647 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/33064 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
},
{
"name": "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
},
{
"name": "24262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24262"
},
{
"name": "22647",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22647"
},
{
"name": "33064",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33064"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
},
{
"name": "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
},
{
"name": "24262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24262"
},
{
"name": "22647",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22647"
},
{
"name": "33064",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33064"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "[email protected]",
"ID": "CVE-2007-1072",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
},
{
"name": "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
},
{
"name": "24262",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24262"
},
{
"name": "22647",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22647"
},
{
"name": "33064",
"refsource": "OSVDB",
"url": "http://osvdb.org/33064"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1072",
"datePublished": "2007-02-22T22:00:00",
"dateReserved": "2007-02-22T00:00:00",
"dateUpdated": "2024-08-07T12:43:22.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-02-22 01:28
Modified
2025-04-09 00:30
Severity ?
Summary
The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_ip_phone_firmware_7906g | 8.0\(4\) | |
| cisco | unified_ip_phone_7906g | - | |
| cisco | unified_ip_phone_firmware_7911g | 8.0\(4\) | |
| cisco | unified_ip_phone_7911g | - | |
| cisco | unified_ip_phone_firmware_7941g | 8.0\(4\) | |
| cisco | unified_ip_phone_7941g | - | |
| cisco | unified_ip_phone_firmware_7961g | 8.0\(4\) | |
| cisco | unified_ip_phone_7961g | - | |
| cisco | unified_ip_phone_firmware_7970g | 8.0\(4\) | |
| cisco | unified_ip_phone_7970g | - | |
| cisco | unified_ip_phone_firmware_7971g | 8.0\(4\) | |
| cisco | unified_ip_phone_7971g | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7906g:8.0\\(4\\):sr1:*:*:*:*:*:*",
"matchCriteriaId": "23432284-A61D-4154-8F12-0BDD5CD5626C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7906g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94B18568-30F5-40BF-96DB-589ED8D960F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7911g:8.0\\(4\\):sr1:*:*:*:*:*:*",
"matchCriteriaId": "A79FC2D2-ADA6-40E7-B4BE-2D88EDAC3542",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7911g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF164BA-91F9-434B-9837-1B6E600A91AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7941g:8.0\\(4\\):sr1:*:*:*:*:*:*",
"matchCriteriaId": "0F81336D-8BDD-48F4-AC57-65FF6977C4B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7941g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7519FF0-672E-430F-980D-53D2A851C78C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7961g:8.0\\(4\\):sr1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAB656-95DD-4F06-ABA9-F0440D100B66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7961g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B979DC-52B4-497E-9D7C-3D8F861E6E26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7970g:8.0\\(4\\):sr1:*:*:*:*:*:*",
"matchCriteriaId": "E9F28146-B268-4B3F-A399-19CC422EBAB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7970g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "832C16DC-ED55-4879-8CF4-610BDDDAB86F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7971g:8.0\\(4\\):sr1:*:*:*:*:*:*",
"matchCriteriaId": "C1C8D7BE-0997-47E8-80A3-1F6263B66B91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7971g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0ED520-140A-43C4-99F0-751C358F8CDE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device."
},
{
"lang": "es",
"value": "El servidor SSH en Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, y 7971G, con firmware 8.0(4)SR1 y anteriores, utiliza un nombre de usuario y contrase\u00f1a fuertemente codificada, lo cual permite a atacantes remotos acceder al dispositivo."
}
],
"id": "CVE-2007-1063",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "[email protected]",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-22T01:28:00.000",
"references": [
{
"source": "[email protected]",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/45246"
},
{
"source": "[email protected]",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24262"
},
{
"source": "[email protected]",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
},
{
"source": "[email protected]",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
},
{
"source": "[email protected]",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/22647"
},
{
"source": "[email protected]",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1017681"
},
{
"source": "[email protected]",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0689"
},
{
"source": "[email protected]",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/45246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/22647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1017681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32627"
}
],
"sourceIdentifier": "[email protected]",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "[email protected]",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-22 22:28
Modified
2025-04-09 00:30
Severity ?
Summary
The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_ip_phone_firmware_7906g | 8.0\(4\) | |
| cisco | unified_ip_phone_7906g | - | |
| cisco | unified_ip_phone_firmware_7911g | 8.0\(4\) | |
| cisco | unified_ip_phone_7911g | - | |
| cisco | unified_ip_phone_firmware_7941g | 8.0\(4\) | |
| cisco | unified_ip_phone_7941g | - | |
| cisco | unified_ip_phone_firmware_7961g | 8.0\(4\) | |
| cisco | unified_ip_phone_7961g | - | |
| cisco | unified_ip_phone_firmware_7970g | 8.0\(4\) | |
| cisco | unified_ip_phone_7970g | - | |
| cisco | unified_ip_phone_firmware_7971g | 8.0\(4\) | |
| cisco | unified_ip_phone_7971g | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7906g:8.0\\(4\\):sr1:*:*:*:*:*:*",
"matchCriteriaId": "23432284-A61D-4154-8F12-0BDD5CD5626C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7906g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94B18568-30F5-40BF-96DB-589ED8D960F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7911g:8.0\\(4\\):sr1:*:*:*:*:*:*",
"matchCriteriaId": "A79FC2D2-ADA6-40E7-B4BE-2D88EDAC3542",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7911g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF164BA-91F9-434B-9837-1B6E600A91AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7941g:8.0\\(4\\):sr1:*:*:*:*:*:*",
"matchCriteriaId": "0F81336D-8BDD-48F4-AC57-65FF6977C4B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7941g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7519FF0-672E-430F-980D-53D2A851C78C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7961g:8.0\\(4\\):sr1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAB656-95DD-4F06-ABA9-F0440D100B66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7961g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B979DC-52B4-497E-9D7C-3D8F861E6E26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7970g:8.0\\(4\\):sr1:*:*:*:*:*:*",
"matchCriteriaId": "E9F28146-B268-4B3F-A399-19CC422EBAB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7970g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "832C16DC-ED55-4879-8CF4-610BDDDAB86F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7971g:8.0\\(4\\):sr1:*:*:*:*:*:*",
"matchCriteriaId": "C1C8D7BE-0997-47E8-80A3-1F6263B66B91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7971g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0ED520-140A-43C4-99F0-751C358F8CDE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063."
},
{
"lang": "es",
"value": "El interfaz de linea de comando (CLI) en Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, y 7971G, con firmware 8.0(4)SR1 y anteriores permite a usuarios locales obtener privilegios o provocar denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados. NOTA: este asunto podr\u00eda estar apalancada remotamente a trav\u00e9s de CVE-2007-1063."
}
],
"id": "CVE-2007-1072",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "[email protected]",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-22T22:28:00.000",
"references": [
{
"source": "[email protected]",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/33064"
},
{
"source": "[email protected]",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24262"
},
{
"source": "[email protected]",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
},
{
"source": "[email protected]",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
},
{
"source": "[email protected]",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/22647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/33064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/22647"
}
],
"sourceIdentifier": "[email protected]",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "[email protected]",
"type": "Primary"
}
]
}