Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2007-5637
HistoryOct 23, 2007 - 5:46 p.m.

CVE-2007-5637

2007-10-2317:46:00
CWE-200
mitre
web.nvd.nist.gov
28
nortel
unistim
ip softphone
ip phone
bcm
eavesdropping
surveillance
remote attack

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

High

EPSS

0.069

Percentile

94.0%

JSON

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables “surveillance mode.” NOTE: issues relating to a small ID number space can be leveraged to make this attack easier.

Affected configurations

Nvd
Node
nortelmultimedia_communication_server_5100
OR
nortelmultimedia_communication_server_5200
AND
nortelcommunications_serverMatch1000e
OR
nortelcommunications_serverMatch1000m
OR
nortelcommunications_serverMatch1000s
OR
nortelcommunications_serverMatch2100
OR
nortelip_audio_conference_phone_2033
OR
nortelip_phone_1110
OR
nortelip_phone_1120e
OR
nortelip_phone_1140e
OR
nortelip_phone_1150e
OR
nortelip_phone_2001
OR
nortelip_phone_2002
OR
nortelip_phone_2004
OR
nortelip_phone_2007
OR
nortelwlan_handset_2210
OR
nortelwlan_handset_2211
OR
nortelwlan_handset_2212
OR
nortelwlan_handset_6120
OR
nortelwlan_handset_6140
AND
nortelbusiness_communications_managerMatch50
OR
nortelbusiness_communications_managerMatch50a
OR
nortelbusiness_communications_managerMatch50e
OR
nortelbusiness_communications_managerMatch200
OR
nortelbusiness_communications_managerMatch400
OR
nortelbusiness_communications_managerMatch1000
OR
nortelbusiness_communications_managerMatchsrg50
OR
nortelbusiness_communications_managerMatchsrg200
OR
nortelcentrex_ip_client_manager
OR
nortelcentrex_ip_element_manager
OR
nortelmeridian_option_11c
OR
nortelmeridian_option_51c
OR
nortelmeridian_option_61c
OR
nortelmeridian_option_81c
OR
nortelmeridian_sl100Matchcs2100
OR
nortelmobile_voice_client_2050
VendorProductVersionCPE
nortelmultimedia_communication_server_5100*cpe:2.3:a:nortel:multimedia_communication_server_5100:*:*:*:*:*:*:*:*
nortelmultimedia_communication_server_5200*cpe:2.3:a:nortel:multimedia_communication_server_5200:*:*:*:*:*:*:*:*
nortelcommunications_server1000ecpe:2.3:a:nortel:communications_server:1000e:*:*:*:*:*:*:*
nortelcommunications_server1000mcpe:2.3:a:nortel:communications_server:1000m:*:*:*:*:*:*:*
nortelcommunications_server1000scpe:2.3:a:nortel:communications_server:1000s:*:*:*:*:*:*:*
nortelcommunications_server2100cpe:2.3:a:nortel:communications_server:2100:*:*:*:*:*:*:*
nortelip_audio_conference_phone_2033*cpe:2.3:h:nortel:ip_audio_conference_phone_2033:*:*:*:*:*:*:*:*
nortelip_phone_1110*cpe:2.3:h:nortel:ip_phone_1110:*:*:*:*:*:*:*:*
nortelip_phone_1120e*cpe:2.3:h:nortel:ip_phone_1120e:*:*:*:*:*:*:*:*
nortelip_phone_1140e*cpe:2.3:h:nortel:ip_phone_1140e:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 361

Related

cvelist 1
prion 1
nvd 1
exploitdb 1
cvelist
cvelist
CVE-2007-5637
2007-10-23 17:00:00
prion
prion
Design/Logic Flaw
2007-10-23 17:46:00
nvd
nvd
CVE-2007-5637
2007-10-23 17:46:00
exploitdb
exploitdb
Nortel Networks - Multiple UNIStim VoIP Products Remote Eavesdrop Vulnerabilities
2007-10-18 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

High

EPSS

0.069

Percentile

94.0%

JSON
Related for CVE-2007-5637
cvelist1prion1nvd1exploitdb1