CVE-2008-5709

Sažetak

Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1 before 3.1.4 SP2, 4.0 before 4.0.3 SP1, and 5.0 before 5.0 SP3 allow remote authenticated users to execute arbitrary code via unknown attack vectors in the (1) Set Static Routes and (2) Backup History components.

Reference

http://secunia.com/advisories/32204
http://support.avaya.com/elmodocs2/security/ASA-2008-391.htm
http://www.securityfocus.com/bid/31645
http://www.voipshield.com/research-details.php?id=121
http://www.voipshield.com/research-details.php?id=122
http://www.vupen.com/english/advisories/2008/2772
https://exchange.xforce.ibmcloud.com/vulnerabilities/45747
https://exchange.xforce.ibmcloud.com/vulnerabilities/45749

CVSS

Base:	9.0
Impact:	10.0
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

08-08-2017 - 01:33

Objavljeno

24-12-2008 - 18:29