Vulnerability Description
Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties.
CVSS Score
5.2
MEDIUM
AV:A/AC:L/Au:S/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Avaya | Sip Enablement Services | All versions |
| Avaya | S8300 | <= cm_3.1.2 |
| Avaya | S8500 | <= cm_3.1.2 |
| Avaya | S8700 | <= cm_3.1.2 |
References
- http://secunia.com/advisories/24434Vendor Advisory
- http://support.avaya.com/elmodocs2/security/ASA-2007-051.htmVendor Advisory
- http://www.osvdb.org/33346
- http://secunia.com/advisories/24434Vendor Advisory
- http://support.avaya.com/elmodocs2/security/ASA-2007-051.htmVendor Advisory
- http://www.osvdb.org/33346
FAQ
What is CVE-2007-1491?
CVE-2007-1491 is a vulnerability with a CVSS score of 5.2 (MEDIUM). Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties.
How severe is CVE-2007-1491?
CVE-2007-1491 has been rated MEDIUM with a CVSS base score of 5.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1491?
Check the references section above for vendor advisories and patch information. Affected products include: Avaya Sip Enablement Services, Avaya S8300, Avaya S8500, Avaya S8700.