CVE-2008-3778

Sažetak

The remote management interface in SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, proceeds with Core router updates even when a login is invalid, which allows remote attackers to cause a denial of service (messaging outage) or gain privileges via an update request.

Reference

http://support.avaya.com/elmodocs2/security/ASA-2008-347.htm
http://www.securityfocus.com/bid/30758
https://exchange.xforce.ibmcloud.com/vulnerabilities/44585

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

08-08-2017 - 01:32

Objavljeno

25-08-2008 - 21:41