Communication Manager@3.1 Security Vulnerabilities and Issues — Communication Manager@3.1 CVE List

Lucene search

AvayaCommunication Manager3.1

9 matches found

CVE•added 2009/04/10 10:0 p.m.•42 views

CVE-2008-6711

Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated users to execute arbitrary commands via unknown vectors related to "viewing system logs."

9CVSS7.3AI score0.01092EPSS

CVE•added 2009/04/01 10:30 p.m.•40 views

CVE-2008-6575

Unspecified vulnerability in the SIP server in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and 4.x allows remote authenticated users to cause a denial of service (resource consumption) via unknown vectors.

6.8CVSS6.4AI score0.00694EPSS

CVE•added 2008/12/24 6:29 p.m.•38 views

CVE-2008-5710

Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1.x, 4.0.3, and 5.x allow remote attackers to read (1) configuration files, (2) log files, (3) binary image files, and (4) help files via unknown vectors.

5CVSS6.8AI score0.00516EPSS

CVE•added 2009/04/10 10:0 p.m.•38 views

CVE-2008-6707

The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, does not perform authentication for certain functionality, which allows remote attackers to obtain sensitive information and access restricted functionality via (1) the c...

6.4CVSS6.8AI score0.00415EPSS

CVE•added 2009/04/10 10:0 p.m.•38 views

CVE-2008-6710

Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated administrators to gain root privileges via unknown vectors related to "configuring data viewing or restoring credentials."

9CVSS6.7AI score0.01873EPSS

CVE•added 2009/04/10 10:0 p.m.•35 views

CVE-2008-6709

Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allows remote authenticated users to execute arbitrary commands via unknown vectors related to configuration of "local data viewing or restor...

9CVSS7.4AI score0.01092EPSS

CVE•added 2009/04/10 10:0 p.m.•34 views

CVE-2008-6708

Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of "data viewing or r...

9CVSS6.7AI score0.01873EPSS

CVE•added 2009/04/10 10:0 p.m.•33 views

CVE-2008-6706

Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passw...

7.8CVSS7AI score0.00795EPSS

CVE•added 2009/04/01 10:30 p.m.•31 views

CVE-2008-6574

Unspecified vulnerability in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and 4.x allows remote attackers to gain privileges and cause a denial of service via unknown vectors related to reuse of valid credentials.

7.5CVSS7AI score0.0073EPSS