CVE-2008-6707

NONECVSS 0.0

0.0

The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, does not perform authentication for certain functionality, which allows remote attackers to obtain sensitive information and access restricted functionality via (1) the certificate installation utility, (2) unspecified scripts in the objects folder, (3) an "unnecessary default application," (4) unspecified scripts in the states folder, (5) an unspecified "default application" that lists server configuration, and (6) "full system help."

🔗 References (38)

cve@mitrehttp://osvdb.org/46598
cve@mitrehttp://osvdb.org/46599
cve@mitrehttp://osvdb.org/46600
cve@mitrehttp://secunia.com/advisories/30751
cve@mitrehttp://support.avaya.com/elmodocs2/security/ASA-2008-268.htm
cve@mitrehttp://www.securityfocus.com/bid/29939
cve@mitrehttp://www.voipshield.com/research-details.php?id=86
cve@mitrehttp://www.voipshield.com/research-details.php?id=87
cve@mitrehttp://www.voipshield.com/research-details.php?id=88
cve@mitrehttp://www.voipshield.com/research-details.php?id=89
cve@mitrehttp://www.voipshield.com/research-details.php?id=90
cve@mitrehttp://www.voipshield.com/research-details.php?id=91
cve@mitrehttp://www.vupen.com/english/advisories/2008/1943/references
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/43381
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/43384

Is Your Infrastructure Affected by CVE-2008-6707?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-6707

📅 Published

🔄 Last Modified

🔗 References (38)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-6707?