CVE-2008-6564

critical

Description

Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable sequence numbers, which allows remote attackers to hijack sessions via sniffing or brute force attacks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/41801

http://www.voipshield.com/research-details.php?id=27&s=4&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC

http://www.securitytracker.com/id?1019847

http://www.securityfocus.com/bid/28691

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455

http://secunia.com/advisories/29747

http://osvdb.org/44379

Details

Source: Mitre, NVD

Published: 2009-03-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.02173

Detections

Analytics