Lucene search

K

Communication Manager Security Vulnerabilities

cve
cve

CVE-2008-6710

Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated administrators to gain root privileges via unknown vectors related to "configuring data viewing or restoring...

7.3AI Score

0.005EPSS

2009-04-10 10:00 PM
18
cve
cve

CVE-2008-6707

The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, does not perform authentication for certain functionality, which allows remote attackers to obtain sensitive information and access restricted functionality via (1) the.....

7.3AI Score

0.006EPSS

2009-04-10 10:00 PM
20
cve
cve

CVE-2008-6709

Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allows remote authenticated users to execute arbitrary commands via unknown vectors related to configuration of "local data viewing or...

7.9AI Score

0.006EPSS

2009-04-10 10:00 PM
18
cve
cve

CVE-2008-6711

Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated users to execute arbitrary commands via unknown vectors related to "viewing system...

7.9AI Score

0.006EPSS

2009-04-10 10:00 PM
24
cve
cve

CVE-2008-6708

Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of "data viewing or.....

7.3AI Score

0.005EPSS

2009-04-10 10:00 PM
18
cve
cve

CVE-2008-6706

Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted...

7.6AI Score

0.006EPSS

2009-04-10 10:00 PM
17
cve
cve

CVE-2008-6575

Unspecified vulnerability in the SIP server in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and 4.x allows remote authenticated users to cause a denial of service (resource consumption) via unknown...

7AI Score

0.004EPSS

2009-04-01 10:30 PM
22
cve
cve

CVE-2008-6574

Unspecified vulnerability in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and 4.x allows remote attackers to gain privileges and cause a denial of service via unknown vectors related to reuse of valid...

7.7AI Score

0.012EPSS

2009-04-01 10:30 PM
17
cve
cve

CVE-2008-6573

Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya Communication Manager 3.x, 4.0, and 5.0 (1) allow remote attackers to execute arbitrary SQL commands via unspecified vectors related to profiles in the SIP Personal Information Manager (SPIM) in the web...

9AI Score

0.002EPSS

2009-04-01 10:30 PM
22
cve
cve

CVE-2008-5710

Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1.x, 4.0.3, and 5.x allow remote attackers to read (1) configuration files, (2) log files, (3) binary image files, and (4) help files via unknown...

7.6AI Score

0.005EPSS

2008-12-24 06:29 PM
25
cve
cve

CVE-2008-5709

Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1 before 3.1.4 SP2, 4.0 before 4.0.3 SP1, and 5.0 before 5.0 SP3 allow remote authenticated users to execute arbitrary code via unknown attack vectors in the (1) Set Static Routes and (2)...

8.2AI Score

0.015EPSS

2008-12-24 06:29 PM
24
cve
cve

CVE-2008-3777

The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, writes account names and passwords to the (1) alarm and (2) system logs during failed login attempts, which allows local users to obtain login...

7AI Score

0.0004EPSS

2008-08-25 09:41 PM
20
cve
cve

CVE-2008-3778

The remote management interface in SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, proceeds with Core router updates even when a login is invalid, which allows remote attackers to cause a denial of...

7.7AI Score

0.005EPSS

2008-08-25 09:41 PM
20
cve
cve

CVE-2008-2812

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3)...

7.8CVSS

7.2AI Score

0.0004EPSS

2008-07-09 12:41 AM
49
10
cve
cve

CVE-2007-1490

Unspecified maintenance web pages in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allow remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors (aka "shell command...

8.2AI Score

0.002EPSS

2007-03-16 10:19 PM
20
cve
cve

CVE-2004-1082

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay...

6.9AI Score

0.003EPSS

2004-02-03 05:00 AM
122