CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
91.7%
The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify that a SIP INVITE message originated from a legitimate server, which allows remote attackers to send spoofed INVITE messages, as demonstrated by a flood of messages triggering a denial of service, and by phone calls with malicious content.
Vendor | Product | Version | CPE |
---|---|---|---|
vonage | motorola_phone_adapter_vt2142-vd | * | cpe:2.3:h:vonage:motorola_phone_adapter_vt2142-vd:*:*:*:*:*:*:*:* |
osvdb.org/38524
osvdb.org/38525
secunia.com/advisories/27380
www.securityfocus.com/bid/26129
www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=357
www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=360
exchange.xforce.ibmcloud.com/vulnerabilities/37416
exchange.xforce.ibmcloud.com/vulnerabilities/37420
More