Lucene search

[email protected]NVD:CVE-2007-4498

HistoryAug 23, 2007 - 7:17 p.m.

CVE-2007-4498

2007-08-2319:17:00

[email protected]

web.nvd.nist.gov

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:P/I:N/A:C

6.6 Medium

AI Score

Confidence

High

0.776 High

EPSS

Percentile

98.2%

JSON

The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows remote attackers to force silent call completion, eavesdrop on the phone’s local environment, and cause a denial of service (blocked call reception) via a certain SIP INVITE message followed by a certain “SIP/2.0 183 Session Progress” message.

Affected configurations

NVD

Node

grandstreamsip_phoneMatchgxv-30001.0.0.18_boot

grandstreamsip_phoneMatchgxv-30001.0.0.6_loader

grandstreamsip_phoneMatchgxv-30001.0.1.7_firmware

References

lists.grok.org.uk/pipermail/full-disclosure/2007-August/065417.html

osvdb.org/40185

secunia.com/advisories/26568

securityreason.com/securityalert/3059

www.securityfocus.com/bid/25399

www.securitytracker.com/id?1018598

www.vupen.com/english/advisories/2007/2970

exchange.xforce.ibmcloud.com/vulnerabilities/36170

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:P/I:N/A:C

6.6 Medium

AI Score

Confidence

High

0.776 High

EPSS

Percentile

98.2%

JSON

Related for NVD:CVE-2007-4498

cvelist1 prion1 cve1