CVE-2007-1063

CVSS 10.0 - HIGH
Description

The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device.

Affected Products
12
Vendor Product Version
cisco unified_ip_phone_firmware_7906g 8.0\(4\)
cisco unified_ip_phone_7906g -
cisco unified_ip_phone_firmware_7911g 8.0\(4\)
cisco unified_ip_phone_7911g -
cisco unified_ip_phone_firmware_7941g 8.0\(4\)
cisco unified_ip_phone_7941g -
cisco unified_ip_phone_firmware_7961g 8.0\(4\)
cisco unified_ip_phone_7961g -
cisco unified_ip_phone_firmware_7970g 8.0\(4\)
cisco unified_ip_phone_7970g -
cisco unified_ip_phone_firmware_7971g 8.0\(4\)
cisco unified_ip_phone_7971g -
References
http://osvdb.org/45246
http://secunia.com/advisories/24262
http://www.cisco.com/warp/public/707/cisco-air-200...
http://www.cisco.com/warp/public/707/cisco-sa-2007...
http://www.securityfocus.com/bid/22647
http://www.securitytracker.com/id?1017681
http://www.vupen.com/english/advisories/2007/0689
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
http://osvdb.org/45246
http://secunia.com/advisories/24262
http://www.cisco.com/warp/public/707/cisco-air-200...
http://www.cisco.com/warp/public/707/cisco-sa-2007...
http://www.securityfocus.com/bid/22647
http://www.securitytracker.com/id?1017681
http://www.vupen.com/english/advisories/2007/0689
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
Weakness Types
CWE-798
CVE Information
CVE ID:
CVE-2007-1063
Published:
2007-02-22
Modified:
2026-04-23
CVSS Score:
10.0
Severity:
HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Vendors
cisco
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL