CVE-2007-3320

Published Jun 21, 2007

Last updated a year ago

Overview

Description: The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote attackers to have an unspecified impact.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:avaya:4602sw_ip_phone:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D14C016C-E4E3-4FBA-B0BC-C06CE3E4154F",
            "versionEndIncluding": "r2.2"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References