1. CVE-Search
  2. CVE-2007-3320
ID CVE-2007-3320
Summary The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote attackers to have an unspecified impact.
References
Vulnerable Configurations
  • cpe:2.3:h:avaya:4602sw_ip_phone:-:*:*:*:*:*:*:*
    cpe:2.3:h:avaya:4602sw_ip_phone:-:*:*:*:*:*:*:*
  • cpe:2.3:h:avaya:4602sw_ip_phone:r2.2:*:*:*:*:*:*:*
    cpe:2.3:h:avaya:4602sw_ip_phone:r2.2:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 29-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bid 24544
confirm http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm
misc http://www.sipera.com/index.php?action=resources,threat_advisory&tid=300&
osvdb 38116
secunia 25747
xf avaya-sipinvite-security-bypass(34971)
Last major update 29-07-2017 - 01:32
Published 21-06-2007 - 18:30
Last modified 29-07-2017 - 01:32
Back to Top