Executive Summary

Summary
Title Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities
Informations
Name cisco-sa-20070711-voip First vendor Publication 2007-06-19
Vendor Cisco Last vendor Modification 2007-07-11
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cisco Unified Communications Manager (CUCM), formerly CallManager, and Cisco Unified Presence Server (CUPS) contain two vulnerabilities that could allow an unauthorized administrator to activate and terminate CUCM / CUPS system services and access SNMP configuration information.

Original Source

Url : http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3
Application 4

Open Source Vulnerability Database (OSVDB)

Id Description
36124 Cisco CUCM / CUPS Unspecified SNMP Information Disclosure

36123 Cisco CUCM / CUPS Unspecified Cluster Services DoS

Cisco Unified Communications Manager and Unified Presence Server contain a flaw that may allow a remote denial of service. The issue is triggered by an unspecified flaw which allows an unauthorized user to start and stop arbitrary services, and will result in loss of availability for services.