Information Disclosure in Avaya Secure Access Link Gateway
CVE-2011-3008

Currently unrated

Key Information:

Vendor

Avaya
Status
Secure Access Link Gateway
Vendor
CVE Published:
5 August 2011

What is CVE-2011-3008?

The default settings in Avaya Secure Access Link (SAL) Gateway versions 1.5, 1.8, and 2.0 include sensitive domain names in the configuration fields for Secondary Core Server URL and Secondary Remote Server URL. This misconfiguration can be exploited by remote attackers with administrative access, enabling them to retrieve sensitive information from alarm and log data associated with these domain names.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/68922
vdb-entryx_refsource_XF
http://support.avaya.com/css/P8/documents/100140483
x_refsource_CONFIRM
http://www.securityfocus.com/bid/48942
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.