Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2007-5591


The CS1000 signaling server in Nortel Enterprise VoIP-Core-CS 1000M Chassis/Cabinet, Enterprise VoIP-Core-CS 1000E and 1000S, Meridian-Core-Option 11C Chassis and Cabinet, and Meridian-Core-Option 51C, 61C, and 81C allows remote attackers to cause a denial of service (telephony application outage) via a flood of packets to Embedded LAN (ELAN) ports.


Security Impact Summary

CVE-2007-5591 is a security vulnerability that . Impacting 6 products from nortel, from nortel, from nortel and 3 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Originally identified in 2007, this vulnerability predates many modern security frameworks and practices. The vulnerability landscape of that era was characterized by different threat models and less mature defense mechanisms compared to contemporary standards.


Published

2007-10-19T23:17:00.000

Last Modified

2026-06-16T22:46:27.427

Status

Modified

Source

[email protected]

Severity

CVSSv2: 7.8 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: COMPLETE
Exploitability Score

10.0

Impact Score

6.9

Weaknesses
  • Type: Primary
    NVD-CWE-Other

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application nortel communications_server 1000e No
Application nortel communications_server 1000m No
Application nortel communications_server 1000s No
Application nortel meridian_option_11c * Yes
Application nortel meridian_option_51c * Yes
Application nortel meridian_option_61c * Yes
Application nortel meridian_option_81c * Yes
Application nortel voip-core-cs 1000e Yes
Application nortel voip-core-cs 1000m Yes
Application nortel voip-core-cs 1000s Yes

References

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For nortel's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.