CVE-2008-6706

Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts "subscriber table passwords," (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts "subscriber table passwords."
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:avaya:sip_enablement_services:3.0:*:*:*:*:*:*:*
cpe:2.3:a:avaya:sip_enablement_services:3.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:sip_enablement_services:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:sip_enablement_services:4.0:*:*:*:*:*:*:*
OR cpe:2.3:a:avaya:communication_manager:3.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:communication_manager:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:communication_manager:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:avaya:communication_manager:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:avaya:communication_manager:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:avaya:communication_manager:3.1.4:sp1:*:*:*:*:*:*
cpe:2.3:a:avaya:communication_manager:3.1.4:sp2:*:*:*:*:*:*
cpe:2.3:a:avaya:communication_manager:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:avaya:communication_manager:3.1.5:sp0:*:*:*:*:*:*

History

21 Nov 2024, 00:57

Type Values Removed Values Added
References () http://osvdb.org/46602 - () http://osvdb.org/46602 -
References () http://secunia.com/advisories/30751 - () http://secunia.com/advisories/30751 -
References () http://support.avaya.com/elmodocs2/security/ASA-2008-268.htm - Vendor Advisory () http://support.avaya.com/elmodocs2/security/ASA-2008-268.htm - Vendor Advisory
References () http://www.securityfocus.com/bid/29939 - () http://www.securityfocus.com/bid/29939 -
References () http://www.voipshield.com/research-details.php?id=81 - () http://www.voipshield.com/research-details.php?id=81 -
References () http://www.voipshield.com/research-details.php?id=82 - () http://www.voipshield.com/research-details.php?id=82 -
References () http://www.voipshield.com/research-details.php?id=83 - () http://www.voipshield.com/research-details.php?id=83 -
References () http://www.voipshield.com/research-details.php?id=84 - () http://www.voipshield.com/research-details.php?id=84 -
References () http://www.voipshield.com/research-details.php?id=85 - () http://www.voipshield.com/research-details.php?id=85 -
References () http://www.vupen.com/english/advisories/2008/1943/references - () http://www.vupen.com/english/advisories/2008/1943/references -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/43382 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/43382 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/43383 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/43383 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/43387 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/43387 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/43388 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/43388 -

Information

Published : 2009-04-10 22:00

Updated : 2024-11-21 00:57


NVD link : CVE-2008-6706

Mitre link : CVE-2008-6706

CVE.ORG link : CVE-2008-6706


JSON object : View

Products Affected

avaya

  • sip_enablement_services
  • communication_manager