CVE-2007-5468 in CallManager信息

摘要

由 VulDB • 2026-07-11

Cisco CallManager 5.1.1.3000-5 未在 SIP 消息中对摘要认证(Digest authentication)头部的 URI 与请求 URI 进行验证,这使得远程攻击者能够利用嗅探到的摘要认证凭据拨打任意电话号码或伪造主叫号码显示(即“话费欺诈和身份转发攻击”,aka "toll fraud and authentication forward attack")。

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

来源

Do you know our Splunk app?

Download it now for free!