CVE-2008-6708

Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of "data viewing or restoring parameters."

Link	Resource
http://www.voipshield.com/research-details.php?id=77
http://support.avaya.com/elmodocs2/security/ASA-2008-268.htm	Vendor Advisory
http://secunia.com/advisories/30751
http://www.vupen.com/english/advisories/2008/1943/references
http://www.securityfocus.com/bid/29939
http://osvdb.org/46604
https://exchange.xforce.ibmcloud.com/vulnerabilities/43390

Configuration 1

cpe:2.3:a:avaya:communication_manager:3.1.4:*:*:*:*:*:*:* cpe:2.3:a:avaya:communication_manager:4.0.1:sp15500:*:*:*:*:*:* cpe:2.3:a:avaya:communication_manager:3.1.2:*:*:*:*:*:*:* cpe:2.3:a:avaya:communication_manager:3.1.1:*:*:*:*:*:*:* cpe:2.3:a:avaya:communication_manager:3.1.5:*:*:*:*:*:*:* cpe:2.3:a:avaya:communication_manager:4.0:*:*:*:*:*:*:* cpe:2.3:a:avaya:communication_manager:4.0.1:sp15215:*:*:*:*:*:* cpe:2.3:a:avaya:communication_manager:3.1:*:*:*:*:*:*:* cpe:2.3:a:avaya:communication_manager:4.0.3:*:*:*:*:*:*:* cpe:2.3:a:avaya:communication_manager:3.1.3:*:*:*:*:*:*:* cpe:2.3:a:avaya:sip_enablement_services:3.0:*:*:*:*:*:*:* cpe:2.3:a:avaya:communication_manager:4.0.1:*:*:*:*:*:*:*

---

Published : 2009-04-10 10:00

Updated : 2017-08-17 01:29

---

NVD link : CVE-2008-6708

Mitre link : CVE-2008-6708

Avaya

NVD-CWE-noinfo