CVE-2008-6706

Опубликовано: 10 апр. 2009

Источник: nvd

CVSS2: 7.8

EPSS Низкий

Описание

Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts "subscriber table passwords," (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts "subscriber table passwords."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:avaya:sip_enablement_services:3.0:*:*:*:*:*:*:*

cpe:2.3:a:avaya:sip_enablement_services:3.1:*:*:*:*:*:*:*

cpe:2.3:a:avaya:sip_enablement_services:3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:avaya:sip_enablement_services:4.0:*:*:*:*:*:*:*

Одно из

cpe:2.3:a:avaya:communication_manager:3.1:*:*:*:*:*:*:*

cpe:2.3:a:avaya:communication_manager:3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:avaya:communication_manager:3.1.2:*:*:*:*:*:*:*

cpe:2.3:a:avaya:communication_manager:3.1.3:*:*:*:*:*:*:*

cpe:2.3:a:avaya:communication_manager:3.1.4:*:*:*:*:*:*:*

cpe:2.3:a:avaya:communication_manager:3.1.4:sp1:*:*:*:*:*:*

cpe:2.3:a:avaya:communication_manager:3.1.4:sp2:*:*:*:*:*:*

cpe:2.3:a:avaya:communication_manager:3.1.5:*:*:*:*:*:*:*

cpe:2.3:a:avaya:communication_manager:3.1.5:sp0:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00795

Низкий

7.8 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-3pvr-6w33-f6vc

github

больше 3 лет назад