Описание
The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:avaya:ip_office_phone_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:avaya:ip_soft_phone:*:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03779
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.
EPSS
Процентиль: 88%
0.03779
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other