Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts "subscriber table passwords," (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts "subscriber table passwords."
Advisories
Source ID Title
EUVD EUVD EUVD-2008-6666 Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts "subscriber table passwords," (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts "subscriber table passwords."
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-07T11:41:59.544Z

Reserved: 2009-04-10T00:00:00

Link: CVE-2008-6706

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2009-04-10T22:00:00.640

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-6706

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.