CVE-2007-3776 - Vulnerability Details - OpenCVE

Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Unified Communications Manager Unified Presence Server

Configuration 1 [-]

OR	cpe:2.3:a:cisco:unified_communications_manager:5.0:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:5.1\(1\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:5.1\(2\):::::::*
	cpe:2.3:a:cisco:unified_presence_server:1.0:::::::*
	cpe:2.3:a:cisco:unified_presence_server:1.0\(1\):::::::*
	cpe:2.3:a:cisco:unified_presence_server:1.0\(2\):::::::*
	cpe:2.3:a:cisco:unified_presence_server:1.0\(3\):::::::*

No data.

References

Link	Providers
http://osvdb.org/36124
http://secunia.com/advisories/26039
http://securitytracker.com/id?1018368
http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml
http://www.securityfocus.com/bid/24867
http://www.vupen.com/english/advisories/2007/2511
https://exchange.xforce.ibmcloud.com/vulnerabilities/35344

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-07-15T22:00:00

Updated: 2024-08-07T14:28:52.377Z

Reserved: 2007-07-15T00:00:00

Link: CVE-2007-3776

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-07-15T22:30:00.000

Modified: 2024-11-21T00:34:02.313

Link: CVE-2007-3776

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-07-11T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1018368", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1018368"}, {"name": "20070711 Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"}, {"name": "26039", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26039"}, {"name": "24867", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24867"}, {"name": "ADV-2007-2511", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2511"}, {"name": "cisco-callmanager-presence-info-disclosure(35344)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35344"}, {"name": "36124", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/36124"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-3776", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1018368", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018368"}, {"name": "20070711 Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"}, {"name": "26039", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26039"}, {"name": "24867", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24867"}, {"name": "ADV-2007-2511", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2511"}, {"name": "cisco-callmanager-presence-info-disclosure(35344)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35344"}, {"name": "36124", "refsource": "OSVDB", "url": "http://osvdb.org/36124"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:28:52.377Z"}, "title": "CVE Program Container", "references": [{"name": "1018368", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1018368"}, {"name": "20070711 Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"}, {"name": "26039", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26039"}, {"name": "24867", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/24867"}, {"name": "ADV-2007-2511", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2511"}, {"name": "cisco-callmanager-presence-info-disclosure(35344)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35344"}, {"name": "36124", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/36124"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-3776", "datePublished": "2007-07-15T22:00:00", "dateReserved": "2007-07-15T00:00:00", "dateUpdated": "2024-08-07T14:28:52.377Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B2AF68FA-433F-46F2-B309-B60A108BECFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "1B9FDFF3-2E60-4E41-9251-93283D945D94", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "239510AD-8BB0-4515-B1DA-80DE696D25DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F897DA4-E313-45C8-A4FB-52404D6541BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "22B299D9-A18B-41D9-B976-57AFDAA751DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "CDA3BA5D-2CEB-4AAC-8CB4-4A2CDC574076", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "9465A4F0-44C0-4A43-962E-0CCEADA05533", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962."}, {"lang": "es", "value": "Cisco Unified Communications Manager (CUCM, antiguamente CallManager) y Unified Presence Server (CUPS) permiten a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores sin especificar que revelan las cadenas de comunidad SNMP y las opciones de configuraci\u00f3n, tambi\u00e9n conocido como (1) CSCsj20668 y (2) CSCsj25962."}], "id": "CVE-2007-3776", "lastModified": "2024-11-21T00:34:02.313", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-07-15T22:30:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/36124"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/26039"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1018368"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/24867"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2511"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35344"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/36124"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26039"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1018368"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/24867"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2511"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35344"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}