Unrated severityNVD Advisory· Published Jun 21, 2007· Updated Jun 16, 2026
CVE-2007-3319
CVE-2007-3319
Description
The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication, which allows remote attackers to conduct man-in-the-middle attacks and hijack or intercept communications.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:h:avaya:4602sw_ip_phone:r2.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:avaya:4602sw_ip_phone:r2.2:*:*:*:*:*:*:*
- (no CPE)range: <=2.2.2
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.