PT-2009-2047 · Nortel · Communications Server 1000+3

Published

2009-04-01

Updated

2017-08-17

CVE-2008-6577

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) version 4.50.x

Description The issue concerns the presence of multiple unspecified hard-coded accounts and passwords in the software, which can be exploited by remote attackers to gain privileges.

Recommendations For version 4.50.x, remove or change the hard-coded accounts and passwords to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2008-6577

Affected Products

Call Server

Communications Server 1000

Nortel Mg1000S

Signaling Server

PT-2009-2047 · Nortel · Communications Server 1000+3

CVE-2008-6577

Weakness Enumeration

Related Identifiers

Affected Products

References · 8