Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-1063
HistoryFeb 22, 2007 - 1:28 a.m.

CVE-2007-1063

2007-02-2201:28:00
CWE-798
[email protected]
web.nvd.nist.gov
33
cisco
ip phone
ssh
server
vulnerability
hard-coded
username
password
remote attackers
access
device
nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.3%

JSON

The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device.

Affected configurations

NVD
Node
ciscounified_ip_phone_firmware_7906gMatch8.0\(4\)sr1
AND
ciscounified_ip_phone_7906gMatch-
Node
ciscounified_ip_phone_firmware_7911gMatch8.0\(4\)sr1
AND
ciscounified_ip_phone_7911gMatch-
Node
ciscounified_ip_phone_firmware_7941gMatch8.0\(4\)sr1
AND
ciscounified_ip_phone_7941gMatch-
Node
ciscounified_ip_phone_firmware_7961gMatch8.0\(4\)sr1
AND
ciscounified_ip_phone_7961gMatch-
Node
ciscounified_ip_phone_firmware_7970gMatch8.0\(4\)sr1
AND
ciscounified_ip_phone_7970gMatch-
Node
ciscounified_ip_phone_firmware_7971gMatch8.0\(4\)sr1
AND
ciscounified_ip_phone_7971gMatch-

Related

prion 2
cvelist 2
nvd 2
cve 1
securityvulns 1
cisco 1
prion
prion
Hardcoded credentials
2007-02-22 01:28:00
Command injection
2007-02-22 22:28:00
cvelist
cvelist
CVE-2007-1063
2007-02-22 01:00:00
CVE-2007-1072
2007-02-22 22:00:00
nvd
nvd
CVE-2007-1063
2007-02-22 01:28:00
CVE-2007-1072
2007-02-22 22:28:00
cve
cve
CVE-2007-1072
2007-02-22 22:28:00
securityvulns
securityvulns
Cisco IP Phones unauthorized access
2007-02-21 00:00:00
cisco
cisco
Cisco Unified IP Conference Station and IP Phone Vulnerabilities
2007-02-21 16:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.3%

JSON
Related for CVE-2007-1063
prion2cvelist2nvd2cve1securityvulns1cisco1