2 matches found
Cisco Unified IP Phone Exposure of Sensitive Information to an Unauthorized Actor (CVE-2007-6190)
The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled, allows remote authenticated users of other phones associated with the same CUCM server to eavesdrop on the physical environment via a CiscoIPPhoneExecute message containing a URL attribute of an...
CVE-2007-6190
The CVE affects Cisco Unified IP Phone devices with Extension Mobility enabled. The HTTP daemon can be abused by remote authenticated users on other phones within the same CUCM domain to eavesdrop on the physical environment by triggering a CiscoIPPhoneExecute message that points to an RTP audio ...