Design/Logic Flaw

2009-04-1022:00:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.0%

JSON

Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of “data viewing or restoring parameters.”

CPENameOperatorVersion
communication_managereq3.1.4
communication_managereq4.0.1 sp15500
communication_managereq3.1.2
communication_managereq3.1.1
communication_managereq3.1.5
communication_managereq4.0
communication_managereq4.0.1 sp15215
communication_managereq3.1
communication_managereq4.0.3
communication_managereq3.1.3

Name	Operator	Version
communication_manager	eq	3.1.4
communication_manager	eq	4.0.1 sp15500
communication_manager	eq	3.1.2
communication_manager	eq	3.1.1
communication_manager	eq	3.1.5
communication_manager	eq	4.0
communication_manager	eq	4.0.1 sp15215
communication_manager	eq	3.1
communication_manager	eq	4.0.3
communication_manager	eq	3.1.3

Rows per page:

1-10 of 121

References

osvdb.org/46604

secunia.com/advisories/30751

support.avaya.com/elmodocs2/security/ASA-2008-268.htm

www.securityfocus.com/bid/29939

www.voipshield.com/research-details.php?id=77

www.vupen.com/english/advisories/2008/1943/references

exchange.xforce.ibmcloud.com/vulnerabilities/43390