CVE-2007-1072

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

he command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063.

References

Link	Resource
http://osvdb.org/33064	Broken Link
http://secunia.com/advisories/24262	Vendor Advisory
http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml	Vendor Advisory
http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml	Patch Vendor Advisory
http://www.securityfocus.com/bid/22647	Third Party Advisory VDB Entry
http://osvdb.org/33064	Broken Link
http://secunia.com/advisories/24262	Vendor Advisory
http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml	Vendor Advisory
http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml	Patch Vendor Advisory
http://www.securityfocus.com/bid/22647	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:unified_ip_phone_firmware_7906g:8.0\(4\):sr1:*:*:*:*:*:*

cpe:2.3:h:cisco:unified_ip_phone_7906g:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:cisco:unified_ip_phone_firmware_7911g:8.0\(4\):sr1:*:*:*:*:*:*

cpe:2.3:h:cisco:unified_ip_phone_7911g:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:cisco:unified_ip_phone_firmware_7941g:8.0\(4\):sr1:*:*:*:*:*:*

cpe:2.3:h:cisco:unified_ip_phone_7941g:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:cisco:unified_ip_phone_firmware_7961g:8.0\(4\):sr1:*:*:*:*:*:*

cpe:2.3:h:cisco:unified_ip_phone_7961g:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:cisco:unified_ip_phone_firmware_7970g:8.0\(4\):sr1:*:*:*:*:*:*

cpe:2.3:h:cisco:unified_ip_phone_7970g:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:cisco:unified_ip_phone_firmware_7971g:8.0\(4\):sr1:*:*:*:*:*:*

cpe:2.3:h:cisco:unified_ip_phone_7971g:-:*:*:*:*:*:*:*

History

21 Nov 2024, 00:27

Type	Values Removed	Values Added
References	~~() http://osvdb.org/33064 - Broken Link~~	() http://osvdb.org/33064 - Broken Link
References	~~() http://secunia.com/advisories/24262 - Vendor Advisory~~	() http://secunia.com/advisories/24262 - Vendor Advisory
References	~~() http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml - Vendor Advisory~~	() http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml - Vendor Advisory
References	~~() http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml - Patch, Vendor Advisory~~	() http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml - Patch, Vendor Advisory
References	~~() http://www.securityfocus.com/bid/22647 - Third Party Advisory, VDB Entry~~	() http://www.securityfocus.com/bid/22647 - Third Party Advisory, VDB Entry

Information

Published : 2007-02-22 22:28

Updated : 2025-04-09 00:30

NVD link : CVE-2007-1072

Mitre link : CVE-2007-1072

CVE.ORG link : CVE-2007-1072

JSON object : View

Products Affected

cisco

CWE

CWE-264

Permissions, Privileges, and Access Controls

7.2 /10