{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-06-25T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated administrators to gain root privileges via unknown vectors related to \"configuring data viewing or restoring credentials.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2008-1944", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1944/references"}, {"name": "30799", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30799"}, {"tags": ["x_refsource_MISC"], "url": "http://www.voipshield.com/research-details.php?id=79"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-270.htm"}, {"name": "avaya-cm-interface-code-execution(43386)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43386"}, {"name": "29939", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29939"}, {"name": "46582", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/46582"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-6710", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated administrators to gain root privileges via unknown vectors related to \"configuring data viewing or restoring credentials.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2008-1944", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1944/references"}, {"name": "30799", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30799"}, {"name": "http://www.voipshield.com/research-details.php?id=79", "refsource": "MISC", "url": "http://www.voipshield.com/research-details.php?id=79"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-270.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-270.htm"}, {"name": "avaya-cm-interface-code-execution(43386)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43386"}, {"name": "29939", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29939"}, {"name": "46582", "refsource": "OSVDB", "url": "http://www.osvdb.org/46582"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T11:42:00.463Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2008-1944", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/1944/references"}, {"name": "30799", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30799"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.voipshield.com/research-details.php?id=79"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-270.htm"}, {"name": "avaya-cm-interface-code-execution(43386)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43386"}, {"name": "29939", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/29939"}, {"name": "46582", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/46582"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-6710", "datePublished": "2009-04-10T15:00:00", "dateReserved": "2009-04-10T00:00:00", "dateUpdated": "2024-08-07T11:42:00.463Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avaya:communication_manager:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "88F5C363-3A38-43FC-A06D-73E280AB844B", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:communication_manager:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4030E5D-BC15-481D-A15E-98FAE65130D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:communication_manager:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F3FC3A86-CE3D-4C12-9E31-7F7280EF9D28", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:communication_manager:3.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "BBD119B9-FE11-4165-943D-119E906DC013", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:communication_manager:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9F0B0D66-9900-4B9A-A892-31B8607DA852", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:communication_manager:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D5DE700B-B830-445B-AF08-4AD28EF1BE58", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:communication_manager:4.0.1:sp15215:*:*:*:*:*:*", "matchCriteriaId": "522FD345-91ED-4FE2-8069-028C3A2E3974", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:communication_manager:4.0.1:sp15500:*:*:*:*:*:*", "matchCriteriaId": "3507CABD-74EE-4A53-9C09-AF38B3F218F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:communication_manager:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "78F06597-F0EB-4753-BFFF-62A21EE230DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:communication_manager:4.0.2:sp1:*:*:*:*:*:*", "matchCriteriaId": "D14829C8-3C05-426D-835B-355E4240B8EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:communication_manager:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "825C1D4E-CD86-4122-84D7-CF1CB4CF8F10", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated administrators to gain root privileges via unknown vectors related to \"configuring data viewing or restoring credentials.\""}, {"lang": "es", "value": "Vulnerabilidad no especificada en el interfase de administraci\u00f3n web de Avaya Communication Manager v3.1.x anteriores a CM v3.1.4 SP2 y v4.0.x anteriores a v4.0.3 SP1 permite a administradores remotos autentificados, obtener privilegios de root a trav\u00e9s de vectores no espec\u00edficos, relativos a \"viendo datos de configuraci\u00f3n o restaurando credenciales\"."}], "id": "CVE-2008-6710", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-04-10T22:00:00.733", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30799"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-270.htm"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/46582"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29939"}, {"source": "cve@mitre.org", "url": "http://www.voipshield.com/research-details.php?id=79"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1944/references"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43386"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30799"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-270.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/46582"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/29939"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.voipshield.com/research-details.php?id=79"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1944/references"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43386"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}