Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2007-1072

The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063.

Published

2007-02-22T22:28:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.2 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-264

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	unified_ip_phone_firmware_7906g	8.0\(4\)	Yes
Hardware	cisco	unified_ip_phone_7906g	-	No
Operating System	cisco	unified_ip_phone_firmware_7911g	8.0\(4\)	Yes
Hardware	cisco	unified_ip_phone_7911g	-	No
Operating System	cisco	unified_ip_phone_firmware_7941g	8.0\(4\)	Yes
Hardware	cisco	unified_ip_phone_7941g	-	No
Operating System	cisco	unified_ip_phone_firmware_7961g	8.0\(4\)	Yes
Hardware	cisco	unified_ip_phone_7961g	-	No
Operating System	cisco	unified_ip_phone_firmware_7970g	8.0\(4\)	Yes
Hardware	cisco	unified_ip_phone_7970g	-	No
Operating System	cisco	unified_ip_phone_firmware_7971g	8.0\(4\)	Yes
Hardware	cisco	unified_ip_phone_7971g	-	No

References

http://osvdb.org/33064 Broken Link ([email protected])
http://secunia.com/advisories/24262 Vendor Advisory ([email protected])
http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml Vendor Advisory ([email protected])
http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml Patch, Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/22647 Third Party Advisory, VDB Entry ([email protected])
http://osvdb.org/33064 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24262 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/22647 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)