{ "id": "CVE-2007-1072", "sourceIdentifier": "cve@mitre.org", "published": "2007-02-22T22:28:00.000", "lastModified": "2019-05-23T16:16:04.877", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063." }, { "lang": "es", "value": "El interfaz de linea de comando (CLI) en Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, y 7971G, con firmware 8.0(4)SR1 y anteriores permite a usuarios locales obtener privilegios o provocar denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados. NOTA: este asunto podr\u00eda estar apalancada remotamente a trav\u00e9s de CVE-2007-1063." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 7.2 }, "baseSeverity": "HIGH", "exploitabilityScore": 3.9, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": true, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-264" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7906g:8.0\\(4\\):sr1:*:*:*:*:*:*", "matchCriteriaId": "23432284-A61D-4154-8F12-0BDD5CD5626C" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7906g:-:*:*:*:*:*:*:*", "matchCriteriaId": "94B18568-30F5-40BF-96DB-589ED8D960F5" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7911g:8.0\\(4\\):sr1:*:*:*:*:*:*", "matchCriteriaId": "A79FC2D2-ADA6-40E7-B4BE-2D88EDAC3542" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7911g:-:*:*:*:*:*:*:*", "matchCriteriaId": "0BF164BA-91F9-434B-9837-1B6E600A91AF" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7941g:8.0\\(4\\):sr1:*:*:*:*:*:*", "matchCriteriaId": "0F81336D-8BDD-48F4-AC57-65FF6977C4B6" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7941g:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7519FF0-672E-430F-980D-53D2A851C78C" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7961g:8.0\\(4\\):sr1:*:*:*:*:*:*", "matchCriteriaId": "0CBAB656-95DD-4F06-ABA9-F0440D100B66" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7961g:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1B979DC-52B4-497E-9D7C-3D8F861E6E26" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7970g:8.0\\(4\\):sr1:*:*:*:*:*:*", "matchCriteriaId": "E9F28146-B268-4B3F-A399-19CC422EBAB0" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7970g:-:*:*:*:*:*:*:*", "matchCriteriaId": "832C16DC-ED55-4879-8CF4-610BDDDAB86F" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7971g:8.0\\(4\\):sr1:*:*:*:*:*:*", "matchCriteriaId": "C1C8D7BE-0997-47E8-80A3-1F6263B66B91" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7971g:-:*:*:*:*:*:*:*", "matchCriteriaId": "5C0ED520-140A-43C4-99F0-751C358F8CDE" } ] } ] } ], "references": [ { "url": "http://osvdb.org/33064", "source": "cve@mitre.org", "tags": [ "Broken Link" ] }, { "url": "http://secunia.com/advisories/24262", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml", "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://www.securityfocus.com/bid/22647", "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ] } ] }