CVE-2007-5638

Severity Score

4.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines, use only 65536 different values in the 32-bit ID number field of an RUDP datagram, which makes it easier for remote attackers to guess the RUDP ID and spoof messages. NOTE: this can be leveraged for an eavesdropping attack by sending many Open Audio Stream messages.

El Nortel UNIStim IP Softphone 2050, IP Phone 1140E, y productos adicionales Nortel desde el IP Phone, Business Communications Manager (BCM), y otras líneas de productos, utilizan solamente diferentes valores 65536 en el campo número ID de 32-bit de un datagrama RUDP, lo cual hace más fácil a los atacantes remotos adivinar el RUDP ID y mensajes falsos. NOTA: esto podría solaparse con un ataque espia a través del envío de mensajes Audio Stream.

*Credits: N/A

CVSS Scores

NISTv2 4.3

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-10-23 CVE Reserved
2007-10-23 CVE Published
2024-08-07 CVE Updated
2024-08-07 First Exploit
2024-08-26 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-310: Cryptographic Issues

CAPEC

References (8)

URL	Tag	Source
http://osvdb.org/41770	Vdb Entry
http://securityreason.com/securityalert/3272	Third Party Advisory
http://www.securityfocus.com/archive/1/482478/100/0/threaded	Mailing List
https://exchange.xforce.ibmcloud.com/vulnerabilities/37255	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/42881	Vdb Entry

URL	Date	SRC
http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_surveillance_mode_v1.0.txt	2024-08-07
http://www.securityfocus.com/bid/26120	2024-08-07

URL	Date	SRC
http://secunia.com/advisories/27234	2018-10-15

URL	Date	SRC

Affected Vendors, Products, and Versions

Match found for: AND_3_NODES_OR__AP_AP_AP_PART1_MIXED__VULN0_False_VULN1_False_VULN2_True

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status