CVE-2007-3322

Severity

50%

Complexity

99%

Confidentiality

48%

The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service (audio quality loss) via a flood of packets to the RTP port.

The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service (audio quality loss) via a flood of packets to the RTP port.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Overview

First reported 17 years ago

2007-06-21 18:30:00

Last updated 7 years ago

2017-07-29 01:32:00

Affected Software

Avaya 4602SW IP Phone

References

38118

25747

Vendor Advisory

http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm

Vendor Advisory

http://www.sipera.com/index.php?action=resources,threat_advisory&tid=302&

Vendor Advisory

avaya-rtp-port-weak-security(34968)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.