1. Home
  2. CVE Database
  3. CVE-2007-1072
HIGH · 7.2

CVE-2007-1072

The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial o...

Vulnerability Description

The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063.

CVSS Score

7.2

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
CiscoUnified Ip Phone Firmware 7906G8.0\(4\)
CiscoUnified Ip Phone 7906G-
CiscoUnified Ip Phone Firmware 7911G8.0\(4\)
CiscoUnified Ip Phone 7911G-
CiscoUnified Ip Phone Firmware 7941G8.0\(4\)
CiscoUnified Ip Phone 7941G-
CiscoUnified Ip Phone Firmware 7961G8.0\(4\)
CiscoUnified Ip Phone 7961G-
CiscoUnified Ip Phone Firmware 7970G8.0\(4\)
CiscoUnified Ip Phone 7970G-
CiscoUnified Ip Phone Firmware 7971G8.0\(4\)
CiscoUnified Ip Phone 7971G-

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2007-1072?

CVE-2007-1072 is a vulnerability with a CVSS score of 7.2 (HIGH). The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial o...

How severe is CVE-2007-1072?

CVE-2007-1072 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-1072?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Ip Phone Firmware 7906G, Cisco Unified Ip Phone 7906G, Cisco Unified Ip Phone Firmware 7911G, Cisco Unified Ip Phone 7911G, Cisco Unified Ip Phone Firmware 7941G.