Avaya 4602SW SIP Phone Cnonce Parameter Authentication Spoofing Vulnerability

info
discussion
exploit
solution
references

Avaya 4602SW SIP Phone Cnonce Parameter Authentication Spoofing Vulnerability

The Avaya 4602SW SIP Phone and SIP call server is prone to an authentication-spoofing vulnerability.

This allows an attacker to impersonate a SIP call server, compromising the confidentiality of a victim's phone conversations.