{"api_version":"1","generated_at":"2026-04-23T02:57:05+00:00","cve":"CVE-2007-4633","urls":{"html":"https://cve.report/CVE-2007-4633","api":"https://cve.report/api/cve/CVE-2007-4633.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-4633","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-4633"},"summary":{"title":"CVE-2007-4633","description":"Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-08-31 23:17:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-79","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.3","severity":"","vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"}}],"references":[{"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808ae327.shtml","name":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808ae327.shtml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Cisco Security Advisory: XSS and SQL Injection in Cisco CallManager/Unified Communications Manager Logon Page - Cisco Systems","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/25480","name":"http://www.securityfocus.com/bid/25480","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Cisco CallManager/Communications Manager SQL Injection and Cross-Site Scripting Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.vupen.com/english/advisories/2007/3010","name":"http://www.vupen.com/english/advisories/2007/3010","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36325","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36325","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/26641","name":"http://secunia.com/advisories/26641","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Cisco CallManager / CUCM Cross-Site Scripting and SQL Injection - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1018624","name":"http://securitytracker.com/id?1018624","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Cisco CallManager/Unified Communications Manager Input Validation Holes Permit Cross-Site Scripting and SQL Injection Attacks - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-4633","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-4633","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"3.3\\(5\\)sr1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"3.3\\(5\\)sr2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"3.3\\(5\\)sr2a","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.1\\(3\\)sr1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.1\\(3\\)sr2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.1\\(3\\)sr3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.1\\(3\\)sr4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.2\\(1\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.2\\(2\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.2\\(3\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.2\\(3\\)sr1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.2\\(3\\)sr2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.3\\(1\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"call_manager","cpe6":"4.3\\(1\\)sr1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"unified_communications_manager","cpe6":"4.2.3sr2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"unified_communications_manager","cpe6":"4.2.3sr2b","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T15:01:10.199Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"1018624","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1018624"},{"name":"20070829 XSS and SQL Injection in Cisco CallManager/Unified Communications Manager Logon Page","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808ae327.shtml"},{"name":"26641","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/26641"},{"name":"cisco-cucm-admin-xss(36325)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36325"},{"name":"25480","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/25480"},{"name":"ADV-2007-3010","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/3010"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-08-29T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-28T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"1018624","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1018624"},{"name":"20070829 XSS and SQL Injection in Cisco CallManager/Unified Communications Manager Logon Page","tags":["vendor-advisory","x_refsource_CISCO"],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808ae327.shtml"},{"name":"26641","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/26641"},{"name":"cisco-cucm-admin-xss(36325)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36325"},{"name":"25480","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/25480"},{"name":"ADV-2007-3010","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/3010"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-4633","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"1018624","refsource":"SECTRACK","url":"http://securitytracker.com/id?1018624"},{"name":"20070829 XSS and SQL Injection in Cisco CallManager/Unified Communications Manager Logon Page","refsource":"CISCO","url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808ae327.shtml"},{"name":"26641","refsource":"SECUNIA","url":"http://secunia.com/advisories/26641"},{"name":"cisco-cucm-admin-xss(36325)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36325"},{"name":"25480","refsource":"BID","url":"http://www.securityfocus.com/bid/25480"},{"name":"ADV-2007-3010","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/3010"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-4633","datePublished":"2007-08-31T23:00:00.000Z","dateReserved":"2007-08-31T00:00:00.000Z","dateUpdated":"2024-08-07T15:01:10.199Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-08-31 23:17:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-79","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2:*:*:*:*:*:*:*","matchCriteriaId":"19432E5E-EA68-4B7A-8B99-DEBACBC3F160"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2b:*:*:*:*:*:*:*","matchCriteriaId":"ABE4CD8E-F27C-4F96-B955-FC1E71B5D55B"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:3.3\\(5\\)sr1:*:*:*:*:*:*:*","matchCriteriaId":"B6049596-9D62-4EC4-BEAE-A2023F6F3346"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:3.3\\(5\\)sr2:*:*:*:*:*:*:*","matchCriteriaId":"87560280-EF6A-46DC-9368-0C98E0A5B7E8"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:3.3\\(5\\)sr2a:*:*:*:*:*:*:*","matchCriteriaId":"F977BD4D-308D-4415-9302-5C44238881A7"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.1:*:*:*:*:*:*:*","matchCriteriaId":"373E71AE-C735-4476-A574-56C35BAD8DB0"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.1\\(3\\)sr1:*:*:*:*:*:*:*","matchCriteriaId":"9F9AA9D0-3205-4A5D-8161-C80D1855D91E"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.1\\(3\\)sr2:*:*:*:*:*:*:*","matchCriteriaId":"B771F3F8-CD24-4710-A7A8-D4F9E0DB4BB2"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.1\\(3\\)sr3:*:*:*:*:*:*:*","matchCriteriaId":"71DA8A99-A678-42F8-AFC5-323E77D9BCC5"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.1\\(3\\)sr4:*:*:*:*:*:*:*","matchCriteriaId":"D3C30434-29FD-45D4-B9D8-BEB65FE4471A"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.2:*:*:*:*:*:*:*","matchCriteriaId":"7FA55FCB-FFFB-495F-86A8-262E7995B519"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.2\\(1\\):*:*:*:*:*:*:*","matchCriteriaId":"E6ECFC2B-9978-46FF-BC4E-A81B9B835E29"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.2\\(2\\):*:*:*:*:*:*:*","matchCriteriaId":"3979687E-2BDE-42CD-ACF6-5EE3AF6CD5B2"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.2\\(3\\):*:*:*:*:*:*:*","matchCriteriaId":"EB63E43F-96D1-442E-8AA7-B0183117F6A4"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.2\\(3\\)sr1:*:*:*:*:*:*:*","matchCriteriaId":"86960ABE-F133-49EE-A8E3-70CF1DD93ADC"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.2\\(3\\)sr2:*:*:*:*:*:*:*","matchCriteriaId":"36C8C9AA-8AA2-40C2-88A2-0860543601C6"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.3:*:*:*:*:*:*:*","matchCriteriaId":"98B77A94-5477-4703-9421-2266EC603319"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.3\\(1\\):*:*:*:*:*:*:*","matchCriteriaId":"5AF86C50-A2B2-4944-8361-C67766DCA2DA"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:call_manager:4.3\\(1\\)sr1:*:*:*:*:*:*:*","matchCriteriaId":"C98C1833-23B0-4559-BA64-A8BD30828ACB"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"4633","Ordinal":"1","Title":"CVE-2007-4633","CVE":"CVE-2007-4633","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"4633","Ordinal":"1","NoteData":"Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728.","Type":"Description","Title":"CVE-2007-4633"},{"CveYear":"2007","CveId":"4633","Ordinal":"2","NoteData":"2007-08-31","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"4633","Ordinal":"3","NoteData":"2017-07-28","Type":"Other","Title":"Modified"}]}}}