PT-2001-2394 · Avaya · Avaya Argent Office

Published

2001-08-07

Updated

2008-09-05

CVE-2001-1262

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Avaya Argent Office version 2.1

Description: The issue allows remote attackers to bypass authentication by providing a 0 length community string, due to the comparison of the user-provided SNMP community string with the correct string only up to the length of the user-provided string.

Recommendations: For Avaya Argent Office version 2.1, consider disabling SNMP or restricting access to it until a patch is available. As a temporary workaround, restrict access to the SNMP service to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1262

Affected Products

Avaya Argent Office

PT-2001-2394 · Avaya · Avaya Argent Office

CVE-2001-1262

Related Identifiers

Affected Products

References · 3