CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0CVE-2008-6706
https://notcve.org/view.php?id=CVE-2008-6706
10 Apr 2009 — Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts "subscriber table passwords," (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts "subscriber table passwords." Múltiples vulnerab... • http://osvdb.org/46602 •
CVSS: 9.1EPSS: 0%CPEs: 13EXPL: 0CVE-2008-6707
https://notcve.org/view.php?id=CVE-2008-6707
10 Apr 2009 — The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, does not perform authentication for certain functionality, which allows remote attackers to obtain sensitive information and access restricted functionality via (1) the certificate installation utility, (2) unspecified scripts in the objects folder, (3) an "unnecessary default application," (4) unspecified scripts in the states folder, (5) an unspecified "default application" that... • http://osvdb.org/46598 • CWE-287: Improper Authentication •
CVSS: 9.0EPSS: 1%CPEs: 12EXPL: 0CVE-2008-6708
https://notcve.org/view.php?id=CVE-2008-6708
10 Apr 2009 — Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of "data viewing or restoring parameters." Vulnerabilidad no especificada en el interfase de administración web de Avaya SIP Enablement Services (SES)v3.x y v4.0, como las usadas en Avaya Communication Manager v3.1.x y v4.x, permite a... • http://osvdb.org/46604 •
CVSS: 9.0EPSS: 1%CPEs: 13EXPL: 0CVE-2008-6709
https://notcve.org/view.php?id=CVE-2008-6709
10 Apr 2009 — Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allows remote authenticated users to execute arbitrary commands via unknown vectors related to configuration of "local data viewing or restoring parameters." Vulnerabilidad no especificada en el interfase de administración web de Avaya SIP Enablement Services (SES)v3.x y v4.0, como las usadas en Avaya Communication Manager v3.1.x, permite a usuarios re... • http://secunia.com/advisories/30751 •