Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6711

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2008-6711
Last Modified 29 Apr 2009 01:27:22
Published 10 Apr 2009 06:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-6711

Summary

Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated users to execute arbitrary commands via unknown vectors related to "viewing system logs."

Vulnerable Systems

Application

  • Avaya Communication Manager 3.1

  • Avaya Communication Manager 3.1.1

  • Avaya Communication Manager 3.1.2

  • Avaya Communication Manager 3.1.3

  • Avaya Communication Manager 3.1.4

  • Avaya Communication Manager 4.0

  • Avaya Communication Manager 4.0.1

  • Avaya Communication Manager 4.0.3


References

XF - avaya-cm-log-command-execution(43391)

VUPEN - ADV-2008-1944

MISC - http://www.voipshield.com/research-details.php?id=80

BID - 29939

OSVDB - 46581

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-270.htm

SECUNIA - 30799


Last Updated: 27 May 2016 10:49:18