// For flags

CVE-2007-3322

 

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service (audio quality loss) via a flood of packets to the RTP port.

El Avaya 4602 SW IP Phone (Model 4602D02A) con software empotrado (firmware) SIP 2.2.2 y versiones anteriores utiliza una media constante de número de puertos para las llamadas, lo que puede permitir a atacantes remotos provocar una denegación de servicio (pérdida de calidad de sonido) a través de una inundación de paquetes al puerto RTP.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-06-21 CVE Reserved
  • 2007-06-21 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Avaya
Search vendor "Avaya"
4602sw Ip Phone
Search vendor "Avaya" for product "4602sw Ip Phone"
<= r2.2
Search vendor "Avaya" for product "4602sw Ip Phone" and version " <= r2.2"
-
Affected