VYPR
Unrated severityNVD Advisory· Published Jun 21, 2007· Updated Jun 16, 2026

CVE-2007-3319

CVE-2007-3319

Description

The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication, which allows remote attackers to conduct man-in-the-middle attacks and hijack or intercept communications.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:h:avaya:4602sw_ip_phone:r2.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:avaya:4602sw_ip_phone:r2.2:*:*:*:*:*:*:*
    • (no CPE)range: <=2.2.2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.