Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2008-6706
HistoryApr 10, 2009 - 10:00 p.m.

CVE-2008-6706

2009-04-1022:00:00
[email protected]
web.nvd.nist.gov
5

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.006

Percentile

77.6%

JSON

Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts “subscriber table passwords,” (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts “subscriber table passwords.”

Affected configurations

Nvd
Node
avayasip_enablement_servicesMatch3.0
OR
avayasip_enablement_servicesMatch3.1
OR
avayasip_enablement_servicesMatch3.1.1
OR
avayasip_enablement_servicesMatch4.0
AND
avayacommunication_managerMatch3.1
OR
avayacommunication_managerMatch3.1.1
OR
avayacommunication_managerMatch3.1.2
OR
avayacommunication_managerMatch3.1.3
OR
avayacommunication_managerMatch3.1.4
OR
avayacommunication_managerMatch3.1.4sp1
OR
avayacommunication_managerMatch3.1.4sp2
OR
avayacommunication_managerMatch3.1.5
OR
avayacommunication_managerMatch3.1.5sp0
VendorProductVersionCPE
avayasip_enablement_services3.0cpe:2.3:a:avaya:sip_enablement_services:3.0:*:*:*:*:*:*:*
avayasip_enablement_services3.1cpe:2.3:a:avaya:sip_enablement_services:3.1:*:*:*:*:*:*:*
avayasip_enablement_services3.1.1cpe:2.3:a:avaya:sip_enablement_services:3.1.1:*:*:*:*:*:*:*
avayasip_enablement_services4.0cpe:2.3:a:avaya:sip_enablement_services:4.0:*:*:*:*:*:*:*
avayacommunication_manager3.1cpe:2.3:a:avaya:communication_manager:3.1:*:*:*:*:*:*:*
avayacommunication_manager3.1.1cpe:2.3:a:avaya:communication_manager:3.1.1:*:*:*:*:*:*:*
avayacommunication_manager3.1.2cpe:2.3:a:avaya:communication_manager:3.1.2:*:*:*:*:*:*:*
avayacommunication_manager3.1.3cpe:2.3:a:avaya:communication_manager:3.1.3:*:*:*:*:*:*:*
avayacommunication_manager3.1.4cpe:2.3:a:avaya:communication_manager:3.1.4:*:*:*:*:*:*:*
avayacommunication_manager3.1.4cpe:2.3:a:avaya:communication_manager:3.1.4:sp1:*:*:*:*:*:*
Rows per page:
1-10 of 131

Related

cvelist 1
prion 1
cve 1
cvelist
cvelist
CVE-2008-6706
2009-04-10 15:00:00
prion
prion
Code injection
2009-04-10 22:00:00
cve
cve
CVE-2008-6706
2009-04-10 22:00:00

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.006

Percentile

77.6%

JSON
Related for NVD:CVE-2008-6706
cvelist1prion1cve1