Vulnerability Description
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nortel | Contivity | 1000_vpn_switch |
| Nortel | Vpn Router 5000 | All versions |
References
- http://osvdb.org/35056
- http://secunia.com/advisories/24962PatchVendor Advisory
- http://www.securityfocus.com/bid/23562
- http://www.securitytracker.com/id?1017943Patch
- http://www.vupen.com/english/advisories/2007/1464
- http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877PatchVendor Advisory
- http://osvdb.org/35056
- http://secunia.com/advisories/24962PatchVendor Advisory
- http://www.securityfocus.com/bid/23562
- http://www.securitytracker.com/id?1017943Patch
- http://www.vupen.com/english/advisories/2007/1464
- http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877PatchVendor Advisory
FAQ
What is CVE-2007-2334?
CVE-2007-2334 is a vulnerability with a CVSS score of 7.5 (HIGH). Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which all...
How severe is CVE-2007-2334?
CVE-2007-2334 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2334?
Check the references section above for vendor advisories and patch information. Affected products include: Nortel Contivity, Nortel Vpn Router 5000.