Information Disclosure Vulnerability in Avaya Communication Manager and SIP Enablement Services
CVE-2008-3777

Currently unrated

Key Information:

Vendor

Avaya
Status
Sip Enablement Services
Vendor
CVE Published:
25 August 2008

What is CVE-2008-3777?

The SIP Enablement Services (SES) Server in Avaya's Communication Manager and SIP Enablement Services 5.0 versions exposes sensitive information by logging account names and passwords during failed login attempts. This behavior allows local users to potentially retrieve login credentials through access to system logs. To mitigate this risk, it is essential to implement appropriate access controls and restrict log access to authorized personnel.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://support.avaya.com/elmodocs2/security/ASA-2008-347.htm
x_refsource_CONFIRM
http://www.securityfocus.com/bid/30758
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/44586
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.