Vulnerability Details CVE-2007-1063
The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.2%
CVSS Severity
CVSS v2 Score 10.0
References
- http://osvdb.org/45246
- http://secunia.com/advisories/24262
- http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml
- http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml
- http://www.securityfocus.com/bid/22647
- http://www.securitytracker.com/id?1017681
- http://www.vupen.com/english/advisories/2007/0689
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32627
- http://osvdb.org/45246
- http://secunia.com/advisories/24262
- http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml
- http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml
- http://www.securityfocus.com/bid/22647
- http://www.securitytracker.com/id?1017681
- http://www.vupen.com/english/advisories/2007/0689
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32627
Products affected by CVE-2007-1063
-
cpe:2.3:h:cisco:unified_ip_phone_7906g:-
-
cpe:2.3:h:cisco:unified_ip_phone_7911g:-
-
cpe:2.3:h:cisco:unified_ip_phone_7941g:-
-
cpe:2.3:h:cisco:unified_ip_phone_7961g:-
-
cpe:2.3:h:cisco:unified_ip_phone_7970g:-
-
cpe:2.3:h:cisco:unified_ip_phone_7971g:-
-
cpe:2.3:o:cisco:unified_ip_phone_firmware_7906g:8.0(4)
-
cpe:2.3:o:cisco:unified_ip_phone_firmware_7911g:8.0(4)
-
cpe:2.3:o:cisco:unified_ip_phone_firmware_7941g:8.0(4)
-
cpe:2.3:o:cisco:unified_ip_phone_firmware_7961g:8.0(4)
-
cpe:2.3:o:cisco:unified_ip_phone_firmware_7970g:8.0(4)
-
cpe:2.3:o:cisco:unified_ip_phone_firmware_7971g:8.0(4)