{"api_version":"1","generated_at":"2026-04-23T14:22:41+00:00","cve":"CVE-2007-5539","urls":{"html":"https://cve.report/CVE-2007-5539","api":"https://cve.report/api/cve/CVE-2007-5539.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-5539","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-5539"},"summary":{"title":"CVE-2007-5539","description":"Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH), and System Unified Contact Center Enterprise (SUCCE) 7.1(5) allows remote authenticated users to gain privileges, and read reports or change the SUCCE configuration, via certain web interfaces, aka CSCsj55686.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-10-18 00:17:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-noinfo","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"9","severity":"","vector":"AV:N/AC:L/Au:S/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37248","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37248","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda12.shtml","name":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda12.shtml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Cisco Security Advisory: Cisco Unified Communications Web-based Management Vulnerability - Cisco Systems","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/37938","name":"http://osvdb.org/37938","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.vupen.com/english/advisories/2007/3533","name":"http://www.vupen.com/english/advisories/2007/3533","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/26106","name":"http://www.securityfocus.com/bid/26106","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Cisco Unified Communications Management Applications Privilege Escalation Vulneraiblity","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securitytracker.com/id?1018829","name":"http://www.securitytracker.com/id?1018829","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Cisco Unified Contact Center Grants Access to Certain Users to Read Web View Report Information - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27214","name":"http://secunia.com/advisories/27214","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Cisco Products Unspecified Unauthorized Access Vulnerability - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-5539","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5539","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"5539","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"unified_contact_center_enterprise","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5539","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"unified_contact_center_enterprise","cpe6":"7.1\\(5\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5539","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"unified_contact_center_hosted","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5539","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"unified_icm_hosted","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5539","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"unified_intelligent_contact_management_enterprise","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T15:31:59.010Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"20071017 Cisco Unified Communications Web-based Management Vulnerability","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda12.shtml"},{"name":"ADV-2007-3533","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/3533"},{"name":"37938","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/37938"},{"name":"cisco-webview-unauthorized-access(37248)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37248"},{"name":"1018829","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1018829"},{"name":"27214","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/27214"},{"name":"26106","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/26106"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-10-17T00:00:00.000Z","descriptions":[{"lang":"en","value":"Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH), and System Unified Contact Center Enterprise (SUCCE) 7.1(5) allows remote authenticated users to gain privileges, and read reports or change the SUCCE configuration, via certain web interfaces, aka CSCsj55686."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-28T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"20071017 Cisco Unified Communications Web-based Management Vulnerability","tags":["vendor-advisory","x_refsource_CISCO"],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda12.shtml"},{"name":"ADV-2007-3533","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/3533"},{"name":"37938","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/37938"},{"name":"cisco-webview-unauthorized-access(37248)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37248"},{"name":"1018829","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1018829"},{"name":"27214","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/27214"},{"name":"26106","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/26106"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-5539","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH), and System Unified Contact Center Enterprise (SUCCE) 7.1(5) allows remote authenticated users to gain privileges, and read reports or change the SUCCE configuration, via certain web interfaces, aka CSCsj55686."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20071017 Cisco Unified Communications Web-based Management Vulnerability","refsource":"CISCO","url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda12.shtml"},{"name":"ADV-2007-3533","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/3533"},{"name":"37938","refsource":"OSVDB","url":"http://osvdb.org/37938"},{"name":"cisco-webview-unauthorized-access(37248)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37248"},{"name":"1018829","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1018829"},{"name":"27214","refsource":"SECUNIA","url":"http://secunia.com/advisories/27214"},{"name":"26106","refsource":"BID","url":"http://www.securityfocus.com/bid/26106"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-5539","datePublished":"2007-10-18T00:00:00.000Z","dateReserved":"2007-10-17T00:00:00.000Z","dateUpdated":"2024-08-07T15:31:59.010Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-10-18 00:17:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-noinfo","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_contact_center_enterprise:*:*:*:*:*:*:*:*","matchCriteriaId":"C72EB4AF-531A-4EA3-A10E-4F8344C52F49"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_contact_center_enterprise:7.1\\(5\\):*:*:*:*:*:*:*","matchCriteriaId":"B5AE16C9-6712-4964-B32E-3D5BE09B19ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_contact_center_hosted:*:*:*:*:*:*:*:*","matchCriteriaId":"D98D843F-F954-4398-852B-9DBD76AD7EE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_icm_hosted:*:*:*:*:*:*:*:*","matchCriteriaId":"36F355CE-F84F-47ED-9D4A-BB67074F763C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_intelligent_contact_management_enterprise:*:*:*:*:*:*:*:*","matchCriteriaId":"19D8C181-8AEA-4383-B2B0-CBB8F59115C3"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"5539","Ordinal":"1","Title":"CVE-2007-5539","CVE":"CVE-2007-5539","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"5539","Ordinal":"1","NoteData":"Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH), and System Unified Contact Center Enterprise (SUCCE) 7.1(5) allows remote authenticated users to gain privileges, and read reports or change the SUCCE configuration, via certain web interfaces, aka CSCsj55686.","Type":"Description","Title":"CVE-2007-5539"},{"CveYear":"2007","CveId":"5539","Ordinal":"2","NoteData":"2007-10-17","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"5539","Ordinal":"3","NoteData":"2017-07-28","Type":"Other","Title":"Modified"}]}}}