Cross-Site Scripting Vulnerability in Cisco CallManager Web Application Firewall
CVE-2007-2832

Currently unrated

Key Information:

Vendor

Cisco
Status
Call Manager
Vendor
CVE Published:
24 May 2007

What is CVE-2007-2832?

The vulnerability in Cisco CallManager's web application firewall allows attackers to exploit the system by injecting arbitrary web scripts or HTML. This can occur via specially crafted requests to the CCMAdmin interface, particularly through the pattern parameter on the serverlist.asp page. If exploited, this vulnerability could be used for a variety of malicious activities, including session hijacking or redirecting users to malicious sites. Organizations using affected versions of Cisco CallManager are urged to apply mitigations and updates to safeguard against potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id?1018105
vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2007/1922
vdb-entryx_refsource_VUPEN
http://www.osvdb.org/35337
vdb-entryx_refsource_OSVDB

EPSS Score

19% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.