CVE-2007-5468

NONECVSS 0.0

0.0

Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authentication forward attack").

🔗 References (14)

cve@mitrehttp://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066581.html
cve@mitrehttp://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066691.html
cve@mitrehttp://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066694.html
cve@mitrehttp://secunia.com/advisories/27231
cve@mitrehttp://www.securityfocus.com/bid/26057
cve@mitrehttp://www.vupen.com/english/advisories/2007/3534
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/37197
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066581.html
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066691.html
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066694.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27231
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/26057
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3534
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/37197

Is Your Infrastructure Affected by CVE-2007-5468?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-5468

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-5468?