Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain full administrative privileges via a "crafted URL on the CCMAdmin web page."
2006-01-22T20:03:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 6.5 (MEDIUM)
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Hardware | cisco | call_manager | 1.0 | Yes |
| Hardware | cisco | call_manager | 2.0 | Yes |
| Hardware | cisco | call_manager | 3.0 | Yes |
| Hardware | cisco | call_manager | 3.1 | Yes |
| Hardware | cisco | call_manager | 3.1\(2\) | Yes |
| Hardware | cisco | call_manager | 3.1\(3a\) | Yes |
| Hardware | cisco | call_manager | 3.2 | Yes |
| Hardware | cisco | call_manager | 3.3 | Yes |
| Hardware | cisco | call_manager | 3.3\(3\) | Yes |
| Hardware | cisco | call_manager | 3.3\(3\)es61 | Yes |
| Hardware | cisco | call_manager | 3.3\(4\)es25 | Yes |
| Hardware | cisco | call_manager | 3.3\(5\) | Yes |
| Hardware | cisco | call_manager | 4.0 | Yes |
| Hardware | cisco | call_manager | 4.0\(2a\)es40 | Yes |
| Hardware | cisco | call_manager | 4.0\(2a\)sr2b | Yes |
| Hardware | cisco | call_manager | 4.1\(2\)es33 | Yes |
| Hardware | cisco | call_manager | 4.1\(3\)es07 | Yes |
| Hardware | cisco | call_manager | 4.1\(3\)sr1 | Yes |