Back to search
CVE-2007-1062
Published: Feb 22, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The Cisco Unified IP Conference Station 7935 3.2(15) and earlier, and Station 7936 3.3(12) and earlier does not properly handle administrator HTTP sessions, which allows remote attackers to bypass authentication controls via a direct URL request to the administrative HTTP interface for a limited time
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities
vendor-advisory
x_refsource_CISCO
20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities
vendor-advisory
x_refsource_CISCO
24262
third-party-advisory
x_refsource_SECUNIA
1017680
vdb-entry
x_refsource_SECTRACK
22647
vdb-entry
x_refsource_BID
45245
vdb-entry
x_refsource_OSVDB
ADV-2007-0688
vdb-entry
x_refsource_VUPEN
cisco-unified-ip-conference-url-auth-bypass(32623)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now