CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
87.2%
Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable sequence numbers, which allows remote attackers to hijack sessions via sniffing or brute force attacks.
Vendor | Product | Version | CPE |
---|---|---|---|
nortel | communication_server_1000 | * | cpe:2.3:a:nortel:communication_server_1000:*:*:*:*:*:*:*:* |
nortel | unistim_protocol | * | cpe:2.3:h:nortel:unistim_protocol:*:*:*:*:*:*:*:* |
osvdb.org/44379
secunia.com/advisories/29747
support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455
www.securityfocus.com/bid/28691
www.securitytracker.com/id?1019847
www.voipshield.com/research-details.php?id=27&s=4&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC
exchange.xforce.ibmcloud.com/vulnerabilities/41801