Lucene search

[email protected]CVE-2007-2333

HistoryApr 27, 2007 - 4:19 p.m.

CVE-2007-2333

2007-04-2716:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

nortel

vpn

router

contivity

cve-2007-2333

security

vulnerability

default accounts

ldap

remote access

7.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.5%

JSON

Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network.

CPENameOperatorVersion
nortel:vpn_router_portfolionortel vpn router portfolioeq*
nortel:vpn_router_5000nortel vpn router 5000eq*
nortel:contivitynortel contivityeq2000_vpn_switch
nortel:contivitynortel contivityeq1000_vpn_switch
nortel:contivitynortel contivityeq4000_vpn_switch

CPE	Name	Operator	Version
nortel:vpn_router_portfolio	nortel vpn router portfolio	eq	*
nortel:vpn_router_5000	nortel vpn router 5000	eq	*
nortel:contivity	nortel contivity	eq	2000_vpn_switch
nortel:contivity	nortel contivity	eq	1000_vpn_switch
nortel:contivity	nortel contivity	eq	4000_vpn_switch

References

osvdb.org/35055

secunia.com/advisories/24962

www.securityfocus.com/bid/23562

www.securitytracker.com/id?1017943

www.vupen.com/english/advisories/2007/1464

www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null

7.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.5%

JSON

Related for CVE-2007-2333

cvelist1 prion1