Lucene search

[email protected]NVD:CVE-2008-5871

HistoryJan 08, 2009 - 6:30 p.m.

CVE-2008-5871

2009-01-0818:30:04

CWE-255

[email protected]

web.nvd.nist.gov

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.4%

JSON

Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not verify credentials during call placement, which allows remote attackers to spoof and redirect VoIP calls, possibly related to the snoop command.

Affected configurations

NVD

Node

nortelmultimedia_communication_server_5100Match3.0.13

References

secunia.com/advisories/32203

support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=775223

voipshield.com/research-details.php?id=119

www.securityfocus.com/bid/31640

www.vupen.com/english/advisories/2008/2779

exchange.xforce.ibmcloud.com/vulnerabilities/45752

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.4%

JSON

Related for NVD:CVE-2008-5871

cvelist1 cve1 prion1