CVE-2008-6706

2009-04-1015:00:00

mitre

www.cve.org

AI Score

6.8

Confidence

Low

EPSS

0.006

Percentile

77.6%

JSON

Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts “subscriber table passwords,” (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts “subscriber table passwords.”

References

osvdb.org/46602

secunia.com/advisories/30751

support.avaya.com/elmodocs2/security/ASA-2008-268.htm

www.securityfocus.com/bid/29939

www.voipshield.com/research-details.php?id=81

www.voipshield.com/research-details.php?id=82

www.voipshield.com/research-details.php?id=83

www.voipshield.com/research-details.php?id=84

www.voipshield.com/research-details.php?id=85

www.vupen.com/english/advisories/2008/1943/references

exchange.xforce.ibmcloud.com/vulnerabilities/43382

exchange.xforce.ibmcloud.com/vulnerabilities/43383

exchange.xforce.ibmcloud.com/vulnerabilities/43387

exchange.xforce.ibmcloud.com/vulnerabilities/43388