| Vulnerability Name: | CVE-2007-3321 (CCN-34970) | ||||||||
| Assigned: | 2007-06-19 | ||||||||
| Published: | 2007-06-19 | ||||||||
| Updated: | 2017-07-29 | ||||||||
| Summary: | The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware allows remote attackers to cause a denial of service (device reboot) via a flood of packets to the BOOTP port (68/udp). | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P) 4.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:UR)
4.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:UR)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MITRE Type: CNA CVE-2007-3321 Source: OSVDB Type: UNKNOWN 38117 Source: CCN Type: SA25747 Avaya 4602SW SIP Phone Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 25747 Source: CONFIRM Type: Vendor Advisory http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm Source: CCN Type: ASA-2007-263 Vulnerabilities in Avaya 4602SW SIP Phone (VIPER-2007-046 VIPER-2007-047 VIPER-2007-048 VIPER-2007-049) Source: CCN Type: Avaya Web site VPNRemote Client Source: CCN Type: OSVDB ID: 38117 Avaya 4602 SW IP Phone BOOTP Port Saturation DoS Source: CCN Type: VIPER-2007-048 Flooding open UDP port on Avaya 4602SW IP Phone may cause denial of service Source: MISC Type: Vendor Advisory http://www.sipera.com/index.php?action=resources,threat_advisory&tid=301& Source: XF Type: UNKNOWN avaya-udp-port-dos(34970) Source: XF Type: UNKNOWN avaya-udp-port-dos(34970) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||