Vulnerability Description
Nortel Networks CallPilot and Meridian Mail voicemail systems, when a mailbox has auto logon enabled, allow remote attackers to retrieve or remove messages, or reconfigure the mailbox, by spoofing Calling Number Identification (CNID, aka Caller ID).
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nortel | Callpilot | All versions |
| Nortel | Meridian Mail | All versions |
References
- http://osvdb.org/34983
- http://www.kb.cert.org/vuls/id/726548US Government Resource
- http://www.kb.cert.org/vuls/id/AAMN-5N2QFX
- http://osvdb.org/34983
- http://www.kb.cert.org/vuls/id/726548US Government Resource
- http://www.kb.cert.org/vuls/id/AAMN-5N2QFX
FAQ
What is CVE-2007-1820?
CVE-2007-1820 is a vulnerability with a CVSS score of 9.3 (HIGH). Nortel Networks CallPilot and Meridian Mail voicemail systems, when a mailbox has auto logon enabled, allow remote attackers to retrieve or remove messages, or reconfigure the mailbox, by spoofing Cal...
How severe is CVE-2007-1820?
CVE-2007-1820 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1820?
Check the references section above for vendor advisories and patch information. Affected products include: Nortel Callpilot, Nortel Meridian Mail.