Lucene search

[email protected]CVE-2008-6574

HistoryApr 01, 2009 - 10:30 p.m.

CVE-2008-6574

2009-04-0122:30:01

[email protected]

web.nvd.nist.gov

vulnerability

sip enablement services

avaya communication manager

remote attackers

denial of service

privilege escalation

cve-2008-6574

nvd

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON

Unspecified vulnerability in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and 4.x allows remote attackers to gain privileges and cause a denial of service via unknown vectors related to reuse of valid credentials.

Affected configurations

NVD

Node

avayacommunication_managerMatch3.1

avayacommunication_managerMatch3.1.1

avayacommunication_managerMatch3.1.2

avayacommunication_managerMatch3.1.3

avayacommunication_managerMatch3.1.4

avayacommunication_managerMatch3.1.4sp1

avayacommunication_managerMatch3.1.4sp2

avayacommunication_managerMatch3.1.5

avayacommunication_managerMatch3.1.5sp0

avayacommunication_managerMatch4.0

avayacommunication_managerMatch4.0.1

avayacommunication_managerMatch4.0.1sp15215

avayacommunication_managerMatch4.0.1sp15500

avayacommunication_managerMatch4.0.3

CPENameOperatorVersion
avaya:communication_manageravaya communication managereq3.1
avaya:communication_manageravaya communication managereq3.1.1
avaya:communication_manageravaya communication managereq3.1.2
avaya:communication_manageravaya communication managereq3.1.3
avaya:communication_manageravaya communication managereq3.1.4
avaya:communication_manageravaya communication managereq3.1.5
avaya:communication_manageravaya communication managereq4.0
avaya:communication_manageravaya communication managereq4.0.1
avaya:communication_manageravaya communication managereq4.0.3

CPE	Name	Operator	Version
avaya:communication_manager	avaya communication manager	eq	3.1
avaya:communication_manager	avaya communication manager	eq	3.1.1
avaya:communication_manager	avaya communication manager	eq	3.1.2
avaya:communication_manager	avaya communication manager	eq	3.1.3
avaya:communication_manager	avaya communication manager	eq	3.1.4
avaya:communication_manager	avaya communication manager	eq	3.1.5
avaya:communication_manager	avaya communication manager	eq	4.0
avaya:communication_manager	avaya communication manager	eq	4.0.1
avaya:communication_manager	avaya communication manager	eq	4.0.3

References

osvdb.org/44288

secunia.com/advisories/29744

www.securityfocus.com/bid/28687

www.voipshield.com/research-details.php?id=24

exchange.xforce.ibmcloud.com/vulnerabilities/41734

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON

Related for CVE-2008-6574

prion1 nvd1 cvelist1