7.8
CVE-2008-6706
- EPSS 0.8%
- Veröffentlicht 10.04.2009 22:00:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts "subscriber table passwords," (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts "subscriber table passwords."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Avaya ≫ Sip Enablement Services Version3.0
Avaya ≫ Sip Enablement Services Version3.1
Avaya ≫ Sip Enablement Services Version3.1.1
Avaya ≫ Sip Enablement Services Version4.0
Avaya ≫ Communication Manager Version3.1
Avaya ≫ Communication Manager Version3.1.1
Avaya ≫ Communication Manager Version3.1.2
Avaya ≫ Communication Manager Version3.1.3
Avaya ≫ Communication Manager Version3.1.4
Avaya ≫ Communication Manager Version3.1.4 Updatesp1
Avaya ≫ Communication Manager Version3.1.4 Updatesp2
Avaya ≫ Communication Manager Version3.1.5
Avaya ≫ Communication Manager Version3.1.5 Updatesp0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.8% | 0.717 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:C/I:N/A:N
|