CVE-2008-6708
Severity Score
9.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of "data viewing or restoring parameters."
Vulnerabilidad no especificada en el interfase de administración web de Avaya SIP Enablement Services (SES)v3.x y v4.0, como las usadas en Avaya Communication Manager v3.1.x y v4.x, permite a usuarios remotos autentificados, obtener privilegios de root a través de vectores desconocidos relativos a la configuración de "viendo datos locales o restaurando parámetros".
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-04-10 CVE Reserved
- 2009-04-10 CVE Published
- 2023-05-29 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/46604 | Vdb Entry | |
| http://secunia.com/advisories/30751 | Third Party Advisory | |
| http://www.securityfocus.com/bid/29939 | Vdb Entry | |
| http://www.voipshield.com/research-details.php?id=77 | X_refsource_misc | |
| http://www.vupen.com/english/advisories/2008/1943/references | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/43390 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://support.avaya.com/elmodocs2/security/ASA-2008-268.htm | 2017-08-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Avaya Search vendor "Avaya" | Communication Manager Search vendor "Avaya" for product "Communication Manager" | 3.1 Search vendor "Avaya" for product "Communication Manager" and version "3.1" | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Communication Manager Search vendor "Avaya" for product "Communication Manager" | 3.1.1 Search vendor "Avaya" for product "Communication Manager" and version "3.1.1" | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Communication Manager Search vendor "Avaya" for product "Communication Manager" | 3.1.2 Search vendor "Avaya" for product "Communication Manager" and version "3.1.2" | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Communication Manager Search vendor "Avaya" for product "Communication Manager" | 3.1.3 Search vendor "Avaya" for product "Communication Manager" and version "3.1.3" | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Communication Manager Search vendor "Avaya" for product "Communication Manager" | 3.1.4 Search vendor "Avaya" for product "Communication Manager" and version "3.1.4" | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Communication Manager Search vendor "Avaya" for product "Communication Manager" | 3.1.5 Search vendor "Avaya" for product "Communication Manager" and version "3.1.5" | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Communication Manager Search vendor "Avaya" for product "Communication Manager" | 4.0 Search vendor "Avaya" for product "Communication Manager" and version "4.0" | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Communication Manager Search vendor "Avaya" for product "Communication Manager" | 4.0.1 Search vendor "Avaya" for product "Communication Manager" and version "4.0.1" | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Communication Manager Search vendor "Avaya" for product "Communication Manager" | 4.0.1 Search vendor "Avaya" for product "Communication Manager" and version "4.0.1" | sp15215 |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Communication Manager Search vendor "Avaya" for product "Communication Manager" | 4.0.1 Search vendor "Avaya" for product "Communication Manager" and version "4.0.1" | sp15500 |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Communication Manager Search vendor "Avaya" for product "Communication Manager" | 4.0.3 Search vendor "Avaya" for product "Communication Manager" and version "4.0.3" | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Sip Enablement Services Search vendor "Avaya" for product "Sip Enablement Services" | 3.0 Search vendor "Avaya" for product "Sip Enablement Services" and version "3.0" | - |
Affected
| ||||||