Multiple Vulnerabilities in Avaya SIP Enablement Services Web Management Interface
CVE-2008-6706

Currently unrated

Key Information:

Vendor

Avaya
Status
Sip Enablement Services
Communication Manager
Vendor
CVE Published:
10 April 2009

What is CVE-2008-6706?

The Web management interface of Avaya SIP Enablement Services (SES) versions 3.x and 4.0 contains multiple unspecified vulnerabilities that can be exploited by remote attackers. These vulnerabilities may allow unauthorized users to access sensitive server configurations, including application server settings and encrypted database passwords. Attackers could potentially leverage system utilities that allow decryption of 'subscriber table passwords' and compromise critical security features, exposing systems to increased risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2008/1943/references
vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/30751
third-party-advisoryx_refsource_SECUNIA
http://support.avaya.com/elmodocs2/security/ASA-2008-268.htm
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.