How severe is CVE-2007-6190?

The severity of CVE-2007-6190 has not been assessed with CVSS v3.

CVE-2007-6190

Name: unified_ip_phone
Author: cisco

NONE

The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled, allows remote authenticated users of other phones associated with the same CUCM server to eavesdrop on th

Published: 11/30/2007Updated: 4/9/2025

Description

The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled, allows remote authenticated users of other phones associated with the same CUCM server to eavesdrop on the physical environment via a CiscoIPPhoneExecute message containing a URL attribute of an ExecuteItem element that specifies a Real-Time Transport Protocol (RTP) audio stream.

AI AnalysisPowered by AI

Affected Products

ciscounified_ip_phone

References

http://osvdb.org/40874
http://secunia.com/advisories/27829
Vendor Advisory
http://securitytracker.com/id?1019006
http://www.cisco.com/en/US/products/products_security_response09186a0080903a6d.html
http://www.hack.lu/pres/hacklu07_Remote_wiretapping.pdf
http://www.securityfocus.com/bid/26668
http://www.vupen.com/english/advisories/2007/4036
http://osvdb.org/40874
http://secunia.com/advisories/27829
Vendor Advisory
http://securitytracker.com/id?1019006
http://www.cisco.com/en/US/products/products_security_response09186a0080903a6d.html
http://www.hack.lu/pres/hacklu07_Remote_wiretapping.pdf
http://www.securityfocus.com/bid/26668
http://www.vupen.com/english/advisories/2007/4036