Design/Logic Flaw

2008-12-2418:29:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

86.9%

JSON

Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1 before 3.1.4 SP2, 4.0 before 4.0.3 SP1, and 5.0 before 5.0 SP3 allow remote authenticated users to execute arbitrary code via unknown attack vectors in the (1) Set Static Routes and (2) Backup History components.

CPENameOperatorVersion
communication_managereq5.0
communication_managereq4.0.1 sp15500
communication_managereq3.1.2
communication_managereq3.1.4 sp1
communication_managereq3.1.1
communication_managereq4.0
communication_managereq4.0.1 sp15215
communication_managereq5.0 sp1
communication_managereq5.0 sp2
communication_managereq4.0.3

Name	Operator	Version
communication_manager	eq	5.0
communication_manager	eq	4.0.1 sp15500
communication_manager	eq	3.1.2
communication_manager	eq	3.1.4 sp1
communication_manager	eq	3.1.1
communication_manager	eq	4.0
communication_manager	eq	4.0.1 sp15215
communication_manager	eq	5.0 sp1
communication_manager	eq	5.0 sp2
communication_manager	eq	4.0.3

Rows per page:

1-10 of 121

References

secunia.com/advisories/32204

support.avaya.com/elmodocs2/security/ASA-2008-391.htm

www.securityfocus.com/bid/31645

www.voipshield.com/research-details.php?id=121

www.voipshield.com/research-details.php?id=122

www.vupen.com/english/advisories/2008/2772

exchange.xforce.ibmcloud.com/vulnerabilities/45747

exchange.xforce.ibmcloud.com/vulnerabilities/45749