Communication Manager@3.1.5 Security Vulnerabilities and Issues — Communication Manager@3.1.5 CVE List

Lucene search

AvayaCommunication Manager3.1.5

8 matches found

CVE•added 2009/04/01 10:30 p.m.•45 views

CVE-2008-6573

Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya Communication Manager 3.x, 4.0, and 5.0 (1) allow remote attackers to execute arbitrary SQL commands via unspecified vectors related to profiles in the SIP Personal Information Manager (SPIM) in the web int...

6.8CVSS8.3AI score0.00723EPSS

CVE•added 2009/04/01 10:30 p.m.•40 views

CVE-2008-6575

Unspecified vulnerability in the SIP server in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and 4.x allows remote authenticated users to cause a denial of service (resource consumption) via unknown vectors.

6.8CVSS6.4AI score0.00694EPSS

CVE•added 2008/12/24 6:29 p.m.•38 views

CVE-2008-5710

Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1.x, 4.0.3, and 5.x allow remote attackers to read (1) configuration files, (2) log files, (3) binary image files, and (4) help files via unknown vectors.

5CVSS6.8AI score0.00516EPSS

CVE•added 2009/04/10 10:0 p.m.•38 views

CVE-2008-6707

The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, does not perform authentication for certain functionality, which allows remote attackers to obtain sensitive information and access restricted functionality via (1) the c...

6.4CVSS6.8AI score0.00415EPSS

CVE•added 2009/04/10 10:0 p.m.•35 views

CVE-2008-6709

Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allows remote authenticated users to execute arbitrary commands via unknown vectors related to configuration of "local data viewing or restor...

9CVSS7.4AI score0.01092EPSS

CVE•added 2009/04/10 10:0 p.m.•34 views

CVE-2008-6708

Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of "data viewing or r...

9CVSS6.7AI score0.01873EPSS

CVE•added 2009/04/10 10:0 p.m.•33 views

CVE-2008-6706

Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passw...

7.8CVSS7AI score0.00795EPSS

CVE•added 2009/04/01 10:30 p.m.•31 views

CVE-2008-6574

Unspecified vulnerability in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and 4.x allows remote attackers to gain privileges and cause a denial of service via unknown vectors related to reuse of valid credentials.

7.5CVSS7AI score0.0073EPSS