CVSS: 9.0EPSS: 0%CPEs: 11EXPL: 0CVE-2008-6710
https://notcve.org/view.php?id=CVE-2008-6710
Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated administrators to gain root privileges via unknown vectors related to "configuring data viewing or restoring credentials." Vulnerabilidad no especificada en el interfase de administración web de Avaya Communication Manager v3.1.x anteriores a CM v3.1.4 SP2 y v4.0.x anteriores a v4.0.3 SP1 permite a administradores remotos autentificados, obtener privilegios de root a través de vectores no específicos, relativos a "viendo datos de configuración o restaurando credenciales". • http://secunia.com/advisories/30799 http://support.avaya.com/elmodocs2/security/ASA-2008-270.htm http://www.osvdb.org/46582 http://www.securityfocus.com/bid/29939 http://www.voipshield.com/research-details.php?id=79 http://www.vupen.com/english/advisories/2008/1944/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43386 •
CVSS: 9.0EPSS: 0%CPEs: 12EXPL: 0CVE-2008-6708
https://notcve.org/view.php?id=CVE-2008-6708
Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of "data viewing or restoring parameters." Vulnerabilidad no especificada en el interfase de administración web de Avaya SIP Enablement Services (SES)v3.x y v4.0, como las usadas en Avaya Communication Manager v3.1.x y v4.x, permite a usuarios remotos autentificados, obtener privilegios de root a través de vectores desconocidos relativos a la configuración de "viendo datos locales o restaurando parámetros". • http://osvdb.org/46604 http://secunia.com/advisories/30751 http://support.avaya.com/elmodocs2/security/ASA-2008-268.htm http://www.securityfocus.com/bid/29939 http://www.voipshield.com/research-details.php?id=77 http://www.vupen.com/english/advisories/2008/1943/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43390 •
CVSS: 9.0EPSS: 0%CPEs: 11EXPL: 0CVE-2008-6711
https://notcve.org/view.php?id=CVE-2008-6711
Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated users to execute arbitrary commands via unknown vectors related to "viewing system logs." Vulnerabilidad no especificada en el interfase de administración Web en Avaya Communication Manager v3.1.x anteriores a CM v3.1.4 SP2 y v4.0.x anteriores v4.0.3 SP1 permiten a usuarios remotos autentificados, ejecutar comandos de su elección a través de vectores desconocidos, relativo a "viendo registros de sistema". • http://secunia.com/advisories/30799 http://support.avaya.com/elmodocs2/security/ASA-2008-270.htm http://www.osvdb.org/46581 http://www.securityfocus.com/bid/29939 http://www.voipshield.com/research-details.php?id=80 http://www.vupen.com/english/advisories/2008/1944/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43391 •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 0CVE-2008-6574
https://notcve.org/view.php?id=CVE-2008-6574
Unspecified vulnerability in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and 4.x allows remote attackers to gain privileges and cause a denial of service via unknown vectors related to reuse of valid credentials. Vulnerabilidad no especificada en SIP Enablement Services (SES) en Avaya Communication Manager 3.1.x y 4.x permite a atacantes remotos conseguir privilegios y provocar una denegación de servicio a través de vectores desconocidos relacionados con reutilizar credenciales válidas. • http://osvdb.org/44288 http://secunia.com/advisories/29744 http://www.securityfocus.com/bid/28687 http://www.voipshield.com/research-details.php?id=24 https://exchange.xforce.ibmcloud.com/vulnerabilities/41734 •
CVSS: 6.8EPSS: 0%CPEs: 14EXPL: 0CVE-2008-6575
https://notcve.org/view.php?id=CVE-2008-6575
Unspecified vulnerability in the SIP server in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and 4.x allows remote authenticated users to cause a denial of service (resource consumption) via unknown vectors. Vulnerabilidad no especificada en el servidor SIP en SIP Enablement Services (SES) en Avaya Communication Manager 3.1.x y 4.x permite a usuarios remotos autenticados provocar una denegación de servicio (consumo de recursos) a través de vectores desconocidos. • http://osvdb.org/44287 http://secunia.com/advisories/29744 http://www.voipshield.com/research-details.php?id=23 https://exchange.xforce.ibmcloud.com/vulnerabilities/41734 https://exchange.xforce.ibmcloud.com/vulnerabilities/49849 •