CVE Tools
Sign in

CVE-2007-1491

Published: Mar 16, 2007Updated: Apr 23, 2026 Sources: CVE List NVDNVD-CWE-Other
NVD MITRE
5.2CVSSMEDIUM
EPSS Score
0.4%
Top 71.5%
CISA KEV
Not in KEV
Exploits
No Known Exploits
Remediation
Patch Available

Description

Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties.

CVSS Vector Breakdown

AV:AAC:LAu:SC:PI:PA:P
Exploitability
AV:AAccess Vector
Adjacent Network
AC:LAccess Complexity
Low
Au:SAuthentication
Single
Impact
C:PConfidentiality
Partial
I:PIntegrity
Partial
A:PAvailability
Partial
Open in CVSS calculator →

Weaknesses

NVD-CWE-Other

Affected Products

n/an/a
sip enablement servicesavayaCommunications
s8300avayaCommunications
s8500avayaCommunications
s8700avayaCommunications
avayacommercialUSCommunicationsaka avaya communication manager, s8300

Exploitability

Official Patch Available

References

http://support.avaya.com/elmodocs2/security/ASA-2007-051.htm
support.avaya.com
http://secunia.com/advisories/24434
secunia.com
http://www.osvdb.org/33346
osvdb.org

Timeline

Published
Mar 16, 2007
Last Updated
Apr 23, 2026

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2007-1491 and every CVE in our database. Create a free account — no credit card required.

Create Free Account
Plain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows