Vulnerability Description
Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authentication forward attack").
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Call Manager | 5.1.1.3000 |
Related Weaknesses (CWE)
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066581.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066691.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066694.html
- http://secunia.com/advisories/27231
- http://www.securityfocus.com/bid/26057
- http://www.vupen.com/english/advisories/2007/3534
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37197
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066581.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066691.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066694.html
- http://secunia.com/advisories/27231
- http://www.securityfocus.com/bid/26057
- http://www.vupen.com/english/advisories/2007/3534
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37197
FAQ
What is CVE-2007-5468?
CVE-2007-5468 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credenti...
How severe is CVE-2007-5468?
CVE-2007-5468 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5468?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Call Manager.