1. CVE-Search
  2. CVE-2008-5710
ID CVE-2008-5710
Summary Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1.x, 4.0.3, and 5.x allow remote attackers to read (1) configuration files, (2) log files, (3) binary image files, and (4) help files via unknown vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:avaya:communication_manager:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:3.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:3.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:3.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:3.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:3.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:3.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:3.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:3.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:3.1.4:sp1:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:3.1.4:sp1:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:3.1.4:sp2:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:3.1.4:sp2:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:3.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:3.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:3.1.5:sp0:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:3.1.5:sp0:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:4.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:4.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:5.0:sp1:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:5.0:sp1:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:5.0:sp2:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:5.0:sp2:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:5.0:sp3:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:5.0:sp3:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:5.1:*:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:5.1:sp1:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:5.1:sp1:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:5.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:5.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:5.1.1:sp1:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:5.1.1:sp1:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:5.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:5.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:avaya:communication_manager:5.1.2:sp0:*:*:*:*:*:*
    cpe:2.3:a:avaya:communication_manager:5.1.2:sp0:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 08-08-2017 - 01:33)
Impact:
Exploitability:
CWE CWE-16
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 31639
confirm http://support.avaya.com/elmodocs2/security/ASA-2008-394.htm
misc http://www.voipshield.com/research-details.php?id=123
secunia 32035
vupen ADV-2008-2774
xf avaya-cm-configuration-info-disclosure(45750)
Last major update 08-08-2017 - 01:33
Published 24-12-2008 - 18:29
Last modified 08-08-2017 - 01:33
Back to Top