Vulnerability CVE-2007-4633 - CERT Civis.Net

Vulnerability Name:

CVE-2007-4633 (CCN-36325)

Assigned:

2007-08-29

Published:

2007-08-29

Updated:

2017-07-29

Summary:

Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2007-4633

Source: CCN
Type: SA26641
Cisco CallManager / CUCM Cross-Site Scripting and SQL Injection

Source: SECUNIA
Type: Vendor Advisory
26641

Source: CCN
Type: SECTRACK ID: 1018624
Cisco CallManager/Unified Communications Manager Input Validation Holes Permit Cross-Site Scripting and SQL Injection Attacks

Source: SECTRACK
Type: UNKNOWN
1018624

Source: CISCO
Type: Patch, Vendor Advisory
20070829 XSS and SQL Injection in Cisco CallManager/Unified Communications Manager Logon Page

Source: CCN
Type: cisco-sa-20070829-ccm
XSS and SQL Injection in Cisco CallManager/Unified Communications Manager Logon Page

Source: CCN
Type: OSVDB ID: 36658
Cisco CallManager / CUCM Logon Page lang Parameter XSS

Source: BID
Type: UNKNOWN
25480

Source: CCN
Type: BID-25480
Cisco CallManager/Communications Manager SQL Injection and Cross-Site Scripting Vulnerabilities

Source: VUPEN
Type: UNKNOWN
ADV-2007-3010

Source: XF
Type: UNKNOWN
cisco-cucm-admin-xss(36325)

Source: XF
Type: UNKNOWN
cisco-cucm-admin-xss(36325)

Vulnerable Configuration:

Configuration 1:

cpe:/a:cisco:unified_communications_manager:4.2.3sr2:*:*:*:*:*:*:*

OR cpe:/a:cisco:unified_communications_manager:4.2.3sr2b:*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:3.3(5)sr1:*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:3.3(5)sr2:*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:3.3(5)sr2a:*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.1:*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.1(3)sr1:*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.1(3)sr2:*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.1(3)sr3:*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.1(3)sr4:*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.2:*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.2(1):*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.2(2):*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.2(3):*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.2(3)sr1:*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.2(3)sr2:*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.3:*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.3(1):*:*:*:*:*:*:*

OR cpe:/h:cisco:call_manager:4.3(1)sr1:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:cisco:unified_communications_manager:4.2.3sr2:*:*:*:*:*:*:*

OR cpe:/a:cisco:unified_communications_manager:4.2.3sr2b:*:*:*:*:*:*:*

Denotes that component is vulnerable