← back
CVE-2005-2181

CVE-2005-2181

EPSS 1.2%
Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=112067698624686&w=2http://pentest.tele-consulting.com/advisories/05_07_06_voip-phones.txthttps://exchange.xforce.ibmcloud.com/vulnerabilities/21260http://www.securitytracker.com/alerts/2005/Jul/1014406.html