Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-3280 | 1 Alcatel-lucent | 2 Ccagent, Omnitouch Contact Center | 2024-11-21 | 6.9 MEDIUM | N/A |
The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition relies on client-side authorization checking, and unconditionally sends the SuperUser password to the client for use during an authorized session, which allows remote attackers to monitor or reconfigure Contact Center operations via a modified client application. | |||||
CVE-2010-3279 | 1 Alcatel-lucent | 2 Ccagent, Omnitouch Contact Center | 2024-11-21 | 7.6 HIGH | N/A |
The default configuration of the CCAgent option before 9.0.8.4 in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition enables maintenance access, which allows remote attackers to monitor or reconfigure Contact Center operations via vectors involving TSA_maintenance.exe. |