Security Advisory

CVE-2007-5468

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-10-16 00:00:00

Last updated 2024-08-07 15:31:58

Assigner mitre

State PUBLISHED

Description

Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authentication forward attack").

← Browse all CVEs View on cve.org ↗