What is the severity of CVE-2007-1491?

CVE-2007-1491 is considered a medium severity vulnerability due to its potential for exposing systems to external attacks.

How do I fix CVE-2007-1491?

To mitigate CVE-2007-1491, it is recommended to restrict access to port 8009 by implementing firewall rules or removing the service entirely if it is not needed.

What software is affected by CVE-2007-1491?

CVE-2007-1491 affects Avaya S87XX, S8500, S8300 systems running before CM version 3.1.3 and Avaya Aura SIP Enablement Services.

What type of attacks could be launched through CVE-2007-1491?

CVE-2007-1491 could allow unauthorized access or attacks such as data interception and service disruption due to external connections on port 8009.

Is there a workaround for CVE-2007-1491?

As a workaround for CVE-2007-1491, users can disable the AJP connector on Tomcat or ensure that the relevant ports are not exposed to untrusted networks.

Vulnerability/
CVE-2007-1491

medium

5.2

CWE

NVD-CWE-Other

16/3/2007

7/8/2024

CVE-2007-1491

First published: Fri Mar 16 2007(Updated: )

Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Avaya S8500	<=cm_3.1.2
Avaya Aura SIP Enablement Services
avaya s8700	<=cm_3.1.2
Avaya S8300	<=cm_3.1.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-1491?
CVE-2007-1491 is considered a medium severity vulnerability due to its potential for exposing systems to external attacks.
How do I fix CVE-2007-1491?
To mitigate CVE-2007-1491, it is recommended to restrict access to port 8009 by implementing firewall rules or removing the service entirely if it is not needed.
What software is affected by CVE-2007-1491?
CVE-2007-1491 affects Avaya S87XX, S8500, S8300 systems running before CM version 3.1.3 and Avaya Aura SIP Enablement Services.
What type of attacks could be launched through CVE-2007-1491?
CVE-2007-1491 could allow unauthorized access or attacks such as data interception and service disruption due to external connections on port 8009.
Is there a workaround for CVE-2007-1491?
As a workaround for CVE-2007-1491, users can disable the AJP connector on Tomcat or ensure that the relevant ports are not exposed to untrusted networks.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/references
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/avaya
canonical/avaya s8500
version/avaya s8500/cm_3.1.2
canonical/avaya aura sip enablement services
canonical/avaya s8700
version/avaya s8700/cm_3.1.2
canonical/avaya s8300
version/avaya s8300/cm_3.1.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.