PT-2007-3836 · Alcatel Lucent · Ip-Touch Telephone+1

Published

2007-06-07

Updated

2018-10-16

CVE-2007-2512

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise versions 7.0 and later

Description The issue allows attackers to gain access to the voice VLAN via daisy-chained systems because the mini switch is enabled by default.

Recommendations For OmniPCX Enterprise versions 7.0 and later, consider disabling the mini switch to prevent unauthorized access to the voice VLAN.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-2512

Affected Products

Ip-Touch Telephone

Omnipcx Enterprise

PT-2007-3836 · Alcatel Lucent · Ip-Touch Telephone+1

CVE-2007-2512

Related Identifiers

Affected Products

References · 6