Lucene search

MitreCVE-2008-6711

HistoryApr 10, 2009 - 10:00 p.m.

CVE-2008-6711

2009-04-1022:00:00

mitre

web.nvd.nist.gov

avaya

communication manager

vulnerability

web

remote

authenticated

arbitrary commands

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.006

Percentile

78.2%

JSON

Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated users to execute arbitrary commands via unknown vectors related to “viewing system logs.”

Affected configurations

Nvd

Node

avayacommunication_managerMatch3.1

avayacommunication_managerMatch3.1.1

avayacommunication_managerMatch3.1.2

avayacommunication_managerMatch3.1.3

avayacommunication_managerMatch3.1.4

avayacommunication_managerMatch3.1.4sp1

avayacommunication_managerMatch4.0

avayacommunication_managerMatch4.0.1

avayacommunication_managerMatch4.0.1sp15215

avayacommunication_managerMatch4.0.1sp15500

avayacommunication_managerMatch4.0.3

VendorProductVersionCPE
avayacommunication_manager3.1cpe:2.3:a:avaya:communication_manager:3.1:*:*:*:*:*:*:*
avayacommunication_manager3.1.1cpe:2.3:a:avaya:communication_manager:3.1.1:*:*:*:*:*:*:*
avayacommunication_manager3.1.2cpe:2.3:a:avaya:communication_manager:3.1.2:*:*:*:*:*:*:*
avayacommunication_manager3.1.3cpe:2.3:a:avaya:communication_manager:3.1.3:*:*:*:*:*:*:*
avayacommunication_manager3.1.4cpe:2.3:a:avaya:communication_manager:3.1.4:*:*:*:*:*:*:*
avayacommunication_manager3.1.4cpe:2.3:a:avaya:communication_manager:3.1.4:sp1:*:*:*:*:*:*
avayacommunication_manager4.0cpe:2.3:a:avaya:communication_manager:4.0:*:*:*:*:*:*:*
avayacommunication_manager4.0.1cpe:2.3:a:avaya:communication_manager:4.0.1:*:*:*:*:*:*:*
avayacommunication_manager4.0.1cpe:2.3:a:avaya:communication_manager:4.0.1:sp15215:*:*:*:*:*:*
avayacommunication_manager4.0.1cpe:2.3:a:avaya:communication_manager:4.0.1:sp15500:*:*:*:*:*:*

Vendor	Product	Version	CPE
avaya	communication_manager	3.1	cpe:2.3:a:avaya:communication_manager:3.1:::::::*
avaya	communication_manager	3.1.1	cpe:2.3:a:avaya:communication_manager:3.1.1:::::::*
avaya	communication_manager	3.1.2	cpe:2.3:a:avaya:communication_manager:3.1.2:::::::*
avaya	communication_manager	3.1.3	cpe:2.3:a:avaya:communication_manager:3.1.3:::::::*
avaya	communication_manager	3.1.4	cpe:2.3:a:avaya:communication_manager:3.1.4:::::::*
avaya	communication_manager	3.1.4	cpe:2.3:a:avaya:communication_manager:3.1.4:sp1::::::
avaya	communication_manager	4.0	cpe:2.3:a:avaya:communication_manager:4.0:::::::*
avaya	communication_manager	4.0.1	cpe:2.3:a:avaya:communication_manager:4.0.1:::::::*
avaya	communication_manager	4.0.1	cpe:2.3:a:avaya:communication_manager:4.0.1:sp15215::::::
avaya	communication_manager	4.0.1	cpe:2.3:a:avaya:communication_manager:4.0.1:sp15500::::::

Rows per page:

1-10 of 111

References

secunia.com/advisories/30799

support.avaya.com/elmodocs2/security/ASA-2008-270.htm

www.osvdb.org/46581

www.securityfocus.com/bid/29939

www.voipshield.com/research-details.php?id=80

www.vupen.com/english/advisories/2008/1944/references

exchange.xforce.ibmcloud.com/vulnerabilities/43391

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.006

Percentile

78.2%

JSON

Related for CVE-2008-6711