CVE-2007-5539 - Vulnerability Details - OpenCVE

Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH), and System Unified Contact Center Enterprise (SUCCE) 7.1(5) allows remote authenticated users to gain privileges, and read reports or change the SUCCE configuration, via certain web interfaces, aka CSCsj55686.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Unified Contact Center Enterprise Unified Contact Center Hosted Unified Icm Hosted Unified Intelligent Contact Management Enterprise

Configuration 1 [-]

OR	cpe:2.3:a:cisco:unified_contact_center_enterprise::::::::
	cpe:2.3:a:cisco:unified_contact_center_enterprise:7.1\(5\):::::::*
	cpe:2.3:a:cisco:unified_contact_center_hosted::::::::
	cpe:2.3:a:cisco:unified_icm_hosted::::::::
	cpe:2.3:a:cisco:unified_intelligent_contact_management_enterprise::::::::

No data.

References

Link	Providers
http://osvdb.org/37938
http://secunia.com/advisories/27214
http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda12.shtml
http://www.securityfocus.com/bid/26106
http://www.securitytracker.com/id?1018829
http://www.vupen.com/english/advisories/2007/3533
https://exchange.xforce.ibmcloud.com/vulnerabilities/37248

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-10-18T00:00:00

Updated: 2024-08-07T15:31:59.010Z

Reserved: 2007-10-17T00:00:00

Link: CVE-2007-5539

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-10-18T00:17:00.000

Modified: 2024-11-21T00:38:08.357

Link: CVE-2007-5539

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-10-17T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH), and System Unified Contact Center Enterprise (SUCCE) 7.1(5) allows remote authenticated users to gain privileges, and read reports or change the SUCCE configuration, via certain web interfaces, aka CSCsj55686."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20071017 Cisco Unified Communications Web-based Management Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda12.shtml"}, {"name": "ADV-2007-3533", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3533"}, {"name": "37938", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/37938"}, {"name": "cisco-webview-unauthorized-access(37248)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37248"}, {"name": "1018829", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018829"}, {"name": "27214", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27214"}, {"name": "26106", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26106"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5539", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH), and System Unified Contact Center Enterprise (SUCCE) 7.1(5) allows remote authenticated users to gain privileges, and read reports or change the SUCCE configuration, via certain web interfaces, aka CSCsj55686."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20071017 Cisco Unified Communications Web-based Management Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda12.shtml"}, {"name": "ADV-2007-3533", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3533"}, {"name": "37938", "refsource": "OSVDB", "url": "http://osvdb.org/37938"}, {"name": "cisco-webview-unauthorized-access(37248)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37248"}, {"name": "1018829", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018829"}, {"name": "27214", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27214"}, {"name": "26106", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26106"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:31:59.010Z"}, "title": "CVE Program Container", "references": [{"name": "20071017 Cisco Unified Communications Web-based Management Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda12.shtml"}, {"name": "ADV-2007-3533", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/3533"}, {"name": "37938", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/37938"}, {"name": "cisco-webview-unauthorized-access(37248)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37248"}, {"name": "1018829", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018829"}, {"name": "27214", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27214"}, {"name": "26106", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26106"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5539", "datePublished": "2007-10-18T00:00:00", "dateReserved": "2007-10-17T00:00:00", "dateUpdated": "2024-08-07T15:31:59.010Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:*:*:*:*:*:*:*:*", "matchCriteriaId": "C72EB4AF-531A-4EA3-A10E-4F8344C52F49", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.1\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "B5AE16C9-6712-4964-B32E-3D5BE09B19ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_hosted:*:*:*:*:*:*:*:*", "matchCriteriaId": "D98D843F-F954-4398-852B-9DBD76AD7EE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_icm_hosted:*:*:*:*:*:*:*:*", "matchCriteriaId": "36F355CE-F84F-47ED-9D4A-BB67074F763C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_intelligent_contact_management_enterprise:*:*:*:*:*:*:*:*", "matchCriteriaId": "19D8C181-8AEA-4383-B2B0-CBB8F59115C3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH), and System Unified Contact Center Enterprise (SUCCE) 7.1(5) allows remote authenticated users to gain privileges, and read reports or change the SUCCE configuration, via certain web interfaces, aka CSCsj55686."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH) y System Unified Contact Center Enterprise (SUCCE) versi\u00f3n 7.1 (5), permite a usuarios autenticados remotos alcanzar privilegios y leer reportes o cambiar la configuraci\u00f3n de SUCCE, por medio de ciertas interfaces web, tambi\u00e9n se conoce como CSCsj55686."}], "id": "CVE-2007-5539", "lastModified": "2024-11-21T00:38:08.357", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-10-18T00:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/37938"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27214"}, {"source": "cve@mitre.org", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda12.shtml"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26106"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1018829"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3533"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37248"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/37938"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27214"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda12.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26106"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018829"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3533"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37248"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}