PT-2009-2178 · Avaya · Avaya Communication Manager+1

Publicado

2009-04-10

Atualizado

2017-08-17

CVE-2008-6709

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Avaya SIP Enablement Services (SES) versions 3.x through 4.0 Avaya Communication Manager versions 3.1.x

Description The issue allows remote authenticated users to execute arbitrary commands, related to the configuration of local data viewing or restoring parameters in the Web management interface.

Recommendations For Avaya SIP Enablement Services (SES) versions 3.x through 4.0, restrict access to the Web management interface until a fix is available. For Avaya Communication Manager versions 3.1.x, consider disabling remote access to the configuration of local data viewing or restoring parameters as a temporary workaround.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2008-6709

Produtos afetados

Avaya Communication Manager

Avaya Sip Enablement Services

PT-2009-2178 · Avaya · Avaya Communication Manager+1

CVE-2008-6709

Identificadores relacionados

Produtos afetados

Referências · 8