Lucene search

[email protected]NVD:CVE-2007-3347

HistoryJun 22, 2007 - 6:30 p.m.

CVE-2007-3347

2007-06-2218:30:00

[email protected]

web.nvd.nist.gov

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:C/A:N

6.8 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.3%

JSON

The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server’s IP address, which allows remote attackers to engage in arbitrary SIP communication with the phone, as demonstrated by communication with forged caller ID.

Affected configurations

NVD

Node

d-linkdph-540Match1.00.03

d-linkdph-540Match1.00.14

d-linkdph-541Match1.00.03

d-linkdph-541Match1.00.14

References

secunia.com/advisories/25803

www.securityfocus.com/bid/24560

www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=219&

www.vupen.com/english/advisories/2007/2320

exchange.xforce.ibmcloud.com/vulnerabilities/35063

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:C/A:N

6.8 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.3%

JSON

Related for NVD:CVE-2007-3347

prion1 cvelist1 cve1