CVE Vulnerability

CVE-2008-6709

Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allows remote authenticated users to execute arbitrary commands via unknown vectors related to configuration of "local data viewing or restoring parameters."

9 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.voipshield.com/research-details.php?id=78
http://support.avaya.com/elmodocs2/security/ASA-2008-268.htm Vendor Advisory
http://www.osvdb.org/46603
http://secunia.com/advisories/30751
http://www.vupen.com/english/advisories/2008/1943/references
http://www.securityfocus.com/bid/29939
https://exchange.xforce.ibmcloud.com/vulnerabilities/43380
Configurations

Configuration 1
Information

Published : 2009-04-10 10:00

Updated : 2017-08-17 01:29

NVD link : CVE-2008-6709

Mitre link : CVE-2008-6709

Products Affected

Avaya

CWE
NVD-CWE-noinfo