CVE-2007-4294Code Injection in Cisco Unified Communications Manager

CWE-399CWE-94Code Injection5 documents5 sources
Severity
6.8MEDIUMNVD
EPSS
2.7%
top 14.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Unified Communications Manager
Timeline
PublishedAug 9
Latest updateMay 1

Description

Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-jmjv-2hr3-5g9q: Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 52022-05-01
CVEList
CVE-2007-4294: Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 52007-08-09

💥Exploits & PoCs

1
Exploit-DB
Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Remote Overflow2007-08-22

📋Vendor Advisories

1
Cisco
Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager2007-08-08
CVE-2007-4294 — Code Injection in Cisco | cvebase