← Back

Nortel

nortel

44 CVEs • 88 products

Products (88)

Click to collapse
Toggle
Contivity
contivity
9 CVEs
Mobile Voice Client 2050
mobile_voice_client_2050
6 CVEs
Business Communications Manager
business_communications_manager
5 CVEs
Ip Softphone 2050
ip_softphone_2050
5 CVEs
Vpn Router 5000
vpn_router_5000
4 CVEs
Meridian Option 11c
meridian_option_11c
4 CVEs
Meridian Option 51c
meridian_option_51c
4 CVEs
Meridian Option 61c
meridian_option_61c
4 CVEs
Meridian Option 81c
meridian_option_81c
4 CVEs
Cs1000
cs1000
4 CVEs
Centrex Ip Client Manager
centrex_ip_client_manager
3 CVEs
Centrex Ip Element Manager
centrex_ip_element_manager
3 CVEs
Meridian Sl100
meridian_sl100
3 CVEs
Succession Communication Server 1000
succession_communication_server_1000
2 CVEs
Optivity Telephony Manager
optivity_telephony_manager
2 CVEs
Symposium Web Centre Portal
symposium_web_centre_portal
2 CVEs
Symposium Web Client
symposium_web_client
2 CVEs
Vpn Router 1010
vpn_router_1010
2 CVEs
Vpn Router 1050
vpn_router_1050
2 CVEs
Vpn Router 1100
vpn_router_1100
2 CVEs
Vpn Router 1700
vpn_router_1700
2 CVEs
Vpn Router 1740
vpn_router_1740
2 CVEs
Vpn Router 2700
vpn_router_2700
2 CVEs
Callpilot
callpilot
2 CVEs
Multimedia Communication Server 5100
multimedia_communication_server_5100
2 CVEs
Nautica Marlin
nautica_marlin
1 CVE
Alteon Acedirector
alteon_acedirector
1 CVE
Cvx 1800 Multi Service Access Switch
cvx_1800_multi-service_access_switch
1 CVE
Succession Communication Server 2000
succession_communication_server_2000
1 CVE
802.11 Wireless Ip Gateway
802.11_wireless_ip_gateway
1 CVE
Media Communication Server 5100
media_communication_server_5100
1 CVE
Media Communication Server 5200
media_communication_server_5200
1 CVE
Media Processing Server
media_processing_server
1 CVE
Periphonics
periphonics
1 CVE
Symposium Agent
symposium_agent
1 CVE
Symposium Network Control Center
symposium_network_control_center
1 CVE
Symposium Tapi Service Provider
symposium_tapi_service_provider
1 CVE
Symposium Call Center Server
symposium_call_center_server
1 CVE
Symposium Express Call Center
symposium_express_call_center
1 CVE
Wlan Access Point 2220
wlan_access_point_2220
1 CVE
Wlan Access Point 2221
wlan_access_point_2221
1 CVE
Wlan Access Point 2225
wlan_access_point_2225
1 CVE
Vpn Router 600
vpn_router_600
1 CVE
Contact Center
contact_center
1 CVE
7220 Wlan Access Point
7220_wlan_access_point
1 CVE
7250 Wlan Access Point
7250_wlan_access_point
1 CVE
Ethernet Routing Switch 1612
ethernet_routing_switch_1612
1 CVE
Ethernet Routing Switch 1624
ethernet_routing_switch_1624
1 CVE
Ethernet Routing Switch 1648
ethernet_routing_switch_1648
1 CVE
Optical Metro 5000
optical_metro_5000
1 CVE
Optical Metro 5100
optical_metro_5100
1 CVE
Optical Metro 5200
optical_metro_5200
1 CVE
Survivable Remote Gateway
survivable_remote_gateway
1 CVE
Universal Signaling Point
universal_signaling_point
1 CVE
Ssl Vpn
ssl_vpn
1 CVE
Callpilot Server
callpilot_server
1 CVE
Net Direct Client
net_direct_client
1 CVE
Meridian Mail
meridian_mail
1 CVE
Vpn Router 1750
vpn_router_1750
1 CVE
Vpn Router Portfolio
vpn_router_portfolio
1 CVE
Communications Server
communications_server
1 CVE
Pc Client Soft Phone Sip
pc_client_soft_phone_sip
1 CVE
Sip Softphone
sip_softphone
1 CVE
Voip Core Cs
voip-core-cs
1 CVE
Multimedia Communications Server
multimedia_communications_server
1 CVE
Sip Multimedia Pc Client
sip_multimedia_pc_client
1 CVE
Unistim Ip Phone
unistim_ip_phone
1 CVE
Communication Server 1000
communication_server_1000
1 CVE
Unistim Protocol
unistim_protocol
1 CVE
Optivity Net Architect
optivity_net_architect
1 CVE
Alteon 2424 Application Switch
alteon_2424_application_switch
0 CVEs
Ssl Vpn Module 1000
ssl_vpn_module_1000
0 CVEs
Vpn Gateway 3070
vpn_gateway_3070
0 CVEs
Multimedia Communication Server 5200
multimedia_communication_server_5200
0 CVEs
Ip Audio Conference Phone 2033
ip_audio_conference_phone_2033
0 CVEs
Ip Phone 1110
ip_phone_1110
0 CVEs
Ip Phone 1120e
ip_phone_1120e
0 CVEs
Ip Phone 1140e
ip_phone_1140e
0 CVEs
Ip Phone 1150e
ip_phone_1150e
0 CVEs
Ip Phone 2001
ip_phone_2001
0 CVEs
Ip Phone 2002
ip_phone_2002
0 CVEs
Ip Phone 2004
ip_phone_2004
0 CVEs
Ip Phone 2007
ip_phone_2007
0 CVEs
Wlan Handset 2210
wlan_handset_2210
0 CVEs
Wlan Handset 2211
wlan_handset_2211
0 CVEs
Wlan Handset 2212
wlan_handset_2212
0 CVEs
Wlan Handset 6120
wlan_handset_6120
0 CVEs
Wlan Handset 6140
wlan_handset_6140
0 CVEs

CVEs (44)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2008-6579
1Nortel
1Cs1000
Apr 23, 2026
Apr 1, 2009
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators."
CVE-2008-6578
1Nortel
1Cs1000
Apr 23, 2026
Apr 1, 2009
N/A· v4
N/A· v3
10.0 HIGH· v2
Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unkn...Show more
Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors.Show less
CVE-2008-6577
1Nortel
1Cs1000
Apr 23, 2026
Apr 1, 2009
N/A· v4
N/A· v3
10.0 HIGH· v2
Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges.
CVE-2008-6576
1Nortel
1Cs1000
Apr 23, 2026
Apr 1, 2009
N/A· v4
N/A· v3
7.8 HIGH· v2
Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of...Show more
Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion and failed updates) via unknown vectors that causes consumption of all available sessions.Show less
CVE-2008-6564
1Nortel
2Communication Server 1000
Unistim Protocol
Apr 23, 2026
Mar 31, 2009
N/A· v4
N/A· v3
7.6 HIGH· v2
Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable sequence numbers, which allows remote attackers to hijack sessions via sniffing or brute force attacks.
CVE-2008-5872
1Nortel
1Multimedia Communication Server 5100
Apr 23, 2026
Jan 8, 2009
N/A· v4
N/A· v3
7.8 HIGH· v2
Multiple unspecified vulnerabilities in the UNIStim File Transfer Protocol (UFTP) processing in IP Client Manager (IPCM) in Nortel Multimedia Communication Server (MSC) 5100 3.0.13 allow remote attackers to cause a denia...Show more
Multiple unspecified vulnerabilities in the UNIStim File Transfer Protocol (UFTP) processing in IP Client Manager (IPCM) in Nortel Multimedia Communication Server (MSC) 5100 3.0.13 allow remote attackers to cause a denial of service (device outage) via a UFTP message that has a negative block size or other crafted Connection Details values.Show less
CVE-2008-5871
1Nortel
1Multimedia Communication Server 5100
Apr 23, 2026
Jan 8, 2009
N/A· v4
N/A· v3
6.4 MEDIUM· v2
Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not verify credentials during call placement, which allows remote attackers to spoof and redirect VoIP calls, possibly related to the snoop command.
CVE-2008-4999
1Nortel
1Unistim Ip Phone
Apr 23, 2026
Nov 7, 2008
N/A· v4
N/A· v3
7.8 HIGH· v2
Nortel Networks UNIStim IP Phone 0604DAS allows remote attackers to cause a denial of service (crash) via a long ping packet ("ping of death"). NOTE: this issue could not be reproduced by a third party, who tested it on...Show more
Nortel Networks UNIStim IP Phone 0604DAS allows remote attackers to cause a denial of service (crash) via a long ping packet ("ping of death"). NOTE: this issue could not be reproduced by a third party, who tested it on 0604DAD. In addition, the original researcher was not able to reliably reproduce the issue.Show less
CVE-2008-3157
1Nortel
1Sip Multimedia Pc Client
Apr 23, 2026
Jul 11, 2008
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Nortel SIP Multimedia PC Client 4.x MCS5100 and MCS5200 does not limit the number of concurrent sessions, which allows attackers to cause a denial of service (resource consumption) via a large number of sessions.
CVE-2008-2218
1Nortel
1Multimedia Communications Server
Apr 23, 2026
May 14, 2008
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Buffer overflow in the Multimedia PC Client in Nortel Multimedia Communication Server (MCS) before Maintenance Release 3.5.8.3 and 4.0.25.3 allows remote attackers to cause a denial of service (crash) via a flood of "ext...Show more
Buffer overflow in the Multimedia PC Client in Nortel Multimedia Communication Server (MCS) before Maintenance Release 3.5.8.3 and 4.0.25.3 allows remote attackers to cause a denial of service (crash) via a flood of "extraneous" messages, as demonstrated by the Nessus "Generic flood" denial of service plugin.Show less
CVE-2007-5640
1Nortel
9Business Communications Manager
Centrex Ip Client ManagerCentrex Ip Element Manager+6 more
Apr 23, 2026
Oct 23, 2007
N/A· v4
N/A· v3
7.1 HIGH· v2
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), Mobile Voice Client, and other product lines, allow remote attackers to block...Show more
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), Mobile Voice Client, and other product lines, allow remote attackers to block calls and force re-registration via a resume message to the Signaling Server that has a spoofed source IP address for the phone. NOTE: the attack is more disruptive if a new spoofed resume message is sent after each re-registration.Show less
CVE-2007-5639
1Nortel
2Ip Softphone 2050
Mobile Voice Client 2050
Apr 23, 2026
Oct 23, 2007
N/A· v4
N/A· v3
7.1 HIGH· v2
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel IP Phone, Mobile Voice Client, and WLAN Handsets products allow remote attackers to cause a denial of service (device hang) via a flood of Mute and U...Show more
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel IP Phone, Mobile Voice Client, and WLAN Handsets products allow remote attackers to cause a denial of service (device hang) via a flood of Mute and UnMute messages that have a spoofed source IP address for the Signaling Server.Show less
CVE-2007-5638
1Nortel
9Business Communications Manager
Centrex Ip Client ManagerCentrex Ip Element Manager+6 more
Apr 23, 2026
Oct 23, 2007
N/A· v4
N/A· v3
4.3 MEDIUM· v2
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines, use only 65536 different values in the 32-bit ID num...Show more
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines, use only 65536 different values in the 32-bit ID number field of an RUDP datagram, which makes it easier for remote attackers to guess the RUDP ID and spoof messages. NOTE: this can be leveraged for an eavesdropping attack by sending many Open Audio Stream messages.Show less
CVE-2007-5637
1Nortel
9Business Communications Manager
Centrex Ip Client ManagerCentrex Ip Element Manager+6 more
Apr 23, 2026
Oct 23, 2007
N/A· v4
N/A· v3
4.3 MEDIUM· v2
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines allow remote attackers to eavesdrop on the physical e...Show more
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables "surveillance mode." NOTE: issues relating to a small ID number space can be leveraged to make this attack easier.Show less
CVE-2007-5636
1Nortel
1Ip Softphone 2050
Apr 23, 2026
Oct 23, 2007
N/A· v4
N/A· v3
7.5 HIGH· v2
Buffer overflow in the Nortel UNIStim IP Softphone 2050 allows remote attackers to cause a denial of service (application abort) and possibly execute arbitrary code via a flood of invalid characters to the RTCP port (567...Show more
Buffer overflow in the Nortel UNIStim IP Softphone 2050 allows remote attackers to cause a denial of service (application abort) and possibly execute arbitrary code via a flood of invalid characters to the RTCP port (5678/udp) that triggers a Windows error message, aka "extraneous messaging."Show less
CVE-2007-5591
1Nortel
5Meridian Option 11c
Meridian Option 51cMeridian Option 61c+2 more
Apr 23, 2026
Oct 19, 2007
N/A· v4
N/A· v3
7.8 HIGH· v2
The CS1000 signaling server in Nortel Enterprise VoIP-Core-CS 1000M Chassis/Cabinet, Enterprise VoIP-Core-CS 1000E and 1000S, Meridian-Core-Option 11C Chassis and Cabinet, and Meridian-Core-Option 51C, 61C, and 81C allow...Show more
The CS1000 signaling server in Nortel Enterprise VoIP-Core-CS 1000M Chassis/Cabinet, Enterprise VoIP-Core-CS 1000E and 1000S, Meridian-Core-Option 11C Chassis and Cabinet, and Meridian-Core-Option 51C, 61C, and 81C allows remote attackers to cause a denial of service (telephony application outage) via a flood of packets to Embedded LAN (ELAN) ports.Show less
CVE-2007-3438
1Nortel
1Sip Softphone
Apr 23, 2026
Jun 27, 2007
N/A· v4
N/A· v3
7.8 HIGH· v2
Buffer overflow in the SIP header parsing module in the Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows remote attackers to execute arbitrary code via a malformed message, a different vulnerability than CVE-...Show more
Buffer overflow in the SIP header parsing module in the Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows remote attackers to execute arbitrary code via a malformed message, a different vulnerability than CVE-2007-3361.Show less
CVE-2007-3361
1Nortel
1Pc Client Soft Phone Sip
Apr 23, 2026
Jun 22, 2007
N/A· v4
N/A· v3
7.8 HIGH· v2
The Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows remote attackers to cause a denial of service (device crash) via a SIP message with a malformed header.
CVE-2007-2886
1Nortel
1Communications Server
Apr 23, 2026
May 30, 2007
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Unspecified vulnerability in the Nortel CS 1000 M media card in Enterprise VoIP-Core-CS 1000E, 1000M, and 1000S 04.50W before 20070523 in Meridian/CS 1000 allows remote attackers to cause a denial of service (card hang)...Show more
Unspecified vulnerability in the Nortel CS 1000 M media card in Enterprise VoIP-Core-CS 1000E, 1000M, and 1000S 04.50W before 20070523 in Meridian/CS 1000 allows remote attackers to cause a denial of service (card hang) via unspecified vectors.Show less
CVE-2007-2334
1Nortel
2Contivity
Vpn Router 5000
Apr 23, 2026
Apr 27, 2007
N/A· v4
N/A· v3
7.5 HIGH· v2
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers...Show more
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests.Show less