CVE-2006-4032

2006-08-0922:00:00

mitre

www.cve.org

6.4 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

84.9%

JSON

Unspecified vulnerability in Cisco IOS CallManager Express (CME) allows remote attackers to gain sensitive information (user names) from the Session Initiation Protocol (SIP) user directory via certain SIP messages, aka bug CSCse92417.

References

secunia.com/advisories/21335

securitytracker.com/id?1016627

www.blackhat.com/html/bh-usa-06/bh-usa-06-speakers.html#Endler

www.cisco.com/warp/public/707/cisco-sr-20060802-sip.shtml

www.osvdb.org/27760

www.securityfocus.com/bid/19309

www.vupen.com/english/advisories/2006/3126

exchange.xforce.ibmcloud.com/vulnerabilities/28185