CVE-2007-3319 in 4602SW IP Phoneinfo

Summary

The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication, which allows remote attackers to conduct man-in-the-middle attacks and hijack or intercept communications.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

06/21/2007

Disclosure

06/21/2007

Moderation

VulDB entry created

Entries

1: VDB-37385

CPE

ready

CWE

CWE-300 (Unconfirmed)

CVSS

7.3

EPSS

0.01662

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-3319
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-3319
CVE Details	https://www.cvedetails.com/cve/CVE-2007-3319/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!