CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-2181

Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.6%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://marc.info/?l=bugtraq&m=112067698624686&w=2
http://pentest.tele-consulting.com/advisories/05_07_06_voip-phones.txt
http://www.securitytracker.com/alerts/2005/Jul/1014406.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/21260
http://marc.info/?l=bugtraq&m=112067698624686&w=2
http://pentest.tele-consulting.com/advisories/05_07_06_voip-phones.txt
http://www.securitytracker.com/alerts/2005/Jul/1014406.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/21260

Products affected by CVE-2005-2181

Cisco » Ip Phone 7940 » Version: N/A

cpe:2.3:h:cisco:ip_phone_7940:-
Cisco » Ip Phone 7960 » Version: N/A

cpe:2.3:h:cisco:ip_phone_7960:-
Cisco » Ip Phone 7940 Firmware » Version: N/A

cpe:2.3:o:cisco:ip_phone_7940_firmware:-
Cisco » Ip Phone 7960 Firmware » Version: N/A

cpe:2.3:o:cisco:ip_phone_7960_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-2181

Products

Pricing

Contact Us