) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): cpe:2.3:h:avaya:4602sw_ip_phone:r2.2:*:*:*:*:*:*:*
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2007-3319 |
The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication, which allows remote attackers to conduct man-in-the-middle attacks and hijack or intercept communications. Published: June 21, 2007; 2:30:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2007-3320 |
The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote attackers to have an unspecified impact. Published: June 21, 2007; 2:30:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2007-3321 |
The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware allows remote attackers to cause a denial of service (device reboot) via a flood of packets to the BOOTP port (68/udp). Published: June 21, 2007; 2:30:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2007-3322 |
The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service (audio quality loss) via a flood of packets to the RTP port. Published: June 21, 2007; 2:30:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |