Vulnerability Description
Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain full administrative privileges via a "crafted URL on the CCMAdmin web page."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Call Manager | 1.0 |
References
- http://secunia.com/advisories/18501PatchVendor Advisory
- http://securitytracker.com/id?1015502Patch
- http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmpe.shtmlPatchVendor Advisory
- http://www.osvdb.org/22621Patch
- http://www.securityfocus.com/bid/16293
- http://www.vupen.com/english/advisories/2006/0250Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24172
- http://secunia.com/advisories/18501PatchVendor Advisory
- http://securitytracker.com/id?1015502Patch
- http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmpe.shtmlPatchVendor Advisory
- http://www.osvdb.org/22621Patch
- http://www.securityfocus.com/bid/16293
- http://www.vupen.com/english/advisories/2006/0250Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24172
FAQ
What is CVE-2006-0367?
CVE-2006-0367 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative p...
How severe is CVE-2006-0367?
CVE-2006-0367 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0367?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Call Manager.