CVE-2007-2332
Published Apr 27, 2007
Last updated 14 years ago
Overview
- Description
- Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nortel:vpn_router_1010:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "370BE654-2A89-4FA9-BE88-3E4CA19441FC"
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_1050:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD74483C-842C-4E01-A786-C34866B548FA"
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_1100:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8DC585A5-DBBE-4236-801A-F52523A5C5DF"
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_1700:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B922ADAB-F42F-4113-8222-0493FE74CF6F"
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_1740:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF2FF1CE-97F7-4951-8FD7-59657670BF05"
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_1750:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B7D4D62-CB44-437C-A30C-F65DB36DE01F"
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_2700:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23377D6E-6C2C-425B-A6DC-E5319B327DC3"
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_5000:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9050DFE2-99C6-41F0-AD1D-5EDFB9B15D8C"
}
],
"operator": "OR"
}
]
}
]