CVE-2007-2334 - Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.3

CVE-2007-2334

Summary

Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests. The vendor has addressed this issue with the following product update: http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null

References

Vulnerable Configurations

cpe:2.3:h:nortel:contivity:1000_vpn_switch:*:*:*:*:*:*:*
cpe:2.3:h:nortel:contivity:1000_vpn_switch:*:*:*:*:*:*:*
cpe:2.3:h:nortel:contivity:2000_vpn_switch:*:*:*:*:*:*:*
cpe:2.3:h:nortel:contivity:2000_vpn_switch:*:*:*:*:*:*:*
cpe:2.3:h:nortel:contivity:4000_vpn_switch:*:*:*:*:*:*:*
cpe:2.3:h:nortel:contivity:4000_vpn_switch:*:*:*:*:*:*:*
cpe:2.3:h:nortel:vpn_router_5000:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:vpn_router_5000:*:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 08-03-2011 - 02:54)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	23562
confirm	http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null
osvdb	35056
sectrack	1017943
secunia	24962
vupen	ADV-2007-1464

Last major update

08-03-2011 - 02:54

Published

27-04-2007 - 16:19

Last modified

08-03-2011 - 02:54