{"api_version":"1","generated_at":"2026-04-22T21:37:11+00:00","cve":"CVE-2007-3320","urls":{"html":"https://cve.report/CVE-2007-3320","api":"https://cve.report/api/cve/CVE-2007-3320.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-3320","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-3320"},"summary":{"title":"CVE-2007-3320","description":"The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote attackers to have an unspecified impact.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2007-06-21 18:30:00","updated_at":"2023-11-07 02:00:00"},"problem_types":["NVD-CWE-Other"],"metrics":[],"references":[{"url":"http://www.sipera.com/index.php?action=resources,threat_advisory&tid=300&","name":"http://www.sipera.com/index.php?action=resources,threat_advisory&tid=300&","refsource":"MISC","tags":["Vendor Advisory"],"title":"Sipera.com","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://osvdb.org/38116","name":"38116","refsource":"OSVDB","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm","name":"http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"ASA-2007-263 (VIPER-2007-046, VIPER-2007-047, VIPER-2007-048, VIPER-2007-049)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=300&","name":"http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=300&","refsource":"","tags":[],"title":"Sipera.com","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/24544","name":"24544","refsource":"BID","tags":[],"title":"Avaya 4602SW IP Phone Security Bypass Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34971","name":"avaya-sipinvite-security-bypass(34971)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/25747","name":"25747","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"Avaya 4602SW SIP Phone Multiple Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-3320","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-3320","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"3320","vulnerable":"1","versionEndIncluding":"r2.2","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"avaya","cpe5":"4602sw_ip_phone","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-3320","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote attackers to have an unspecified impact."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"avaya-sipinvite-security-bypass(34971)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34971"},{"name":"http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm","refsource":"CONFIRM","url":"http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm"},{"name":"http://www.sipera.com/index.php?action=resources,threat_advisory&tid=300&","refsource":"MISC","url":"http://www.sipera.com/index.php?action=resources,threat_advisory&tid=300&"},{"name":"24544","refsource":"BID","url":"http://www.securityfocus.com/bid/24544"},{"name":"25747","refsource":"SECUNIA","url":"http://secunia.com/advisories/25747"},{"name":"38116","refsource":"OSVDB","url":"http://osvdb.org/38116"}]}},"nvd":{"publishedDate":"2007-06-21 18:30:00","lastModifiedDate":"2023-11-07 02:00:00","problem_types":["NVD-CWE-Other"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:h:avaya:4602sw_ip_phone:*:*:*:*:*:*:*:*","versionEndIncluding":"r2.2","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"3320","Ordinal":"25952","Title":"CVE-2007-3320","CVE":"CVE-2007-3320","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"3320","Ordinal":"1","NoteData":"The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote attackers to have an unspecified impact.","Type":"Description","Title":null},{"CveYear":"2007","CveId":"3320","Ordinal":"2","NoteData":"2007-06-21","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"3320","Ordinal":"3","NoteData":"2017-07-28","Type":"Other","Title":"Modified"}]}}}