CVE-2008-5871

critical

Description

Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not verify credentials during call placement, which allows remote attackers to spoof and redirect VoIP calls, possibly related to the snoop command.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45752

http://www.vupen.com/english/advisories/2008/2779

http://www.securityfocus.com/bid/31640

http://voipshield.com/research-details.php?id=119

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=775223

http://secunia.com/advisories/32203

Details

Source: Mitre, NVD

Published: 2009-01-08

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.01039

Detections

Analytics