Description
Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1.x, 4.0.3, and 5.x allow remote attackers to read (1) configuration files, (2) log files, (3) binary image files, and (4) help files via unknown vectors.
Affected products
- Avaya / Communication Manager3.1 – 3.1
- Avaya / Communication Manager3.1.1 – 3.1.1
- Avaya / Communication Manager3.1.2 – 3.1.2
- Avaya / Communication Manager3.1.3 – 3.1.3
- Avaya / Communication Manager3.1.4 – 3.1.4
- Avaya / Communication Manager3.1.4 – 3.1.4
- Avaya / Communication Manager3.1.4 – 3.1.4
- Avaya / Communication Manager3.1.5 – 3.1.5
- Avaya / Communication Manager3.1.5 – 3.1.5
- Avaya / Communication Manager4.0.3 – 4.0.3
- Avaya / Communication Manager5.0 – 5.0
- Avaya / Communication Manager5.0 – 5.0
- Avaya / Communication Manager5.0 – 5.0
- Avaya / Communication Manager5.0 – 5.0
- Avaya / Communication Manager5.1 – 5.1
- Avaya / Communication Manager5.1 – 5.1
- Avaya / Communication Manager5.1.1 – 5.1.1
- Avaya / Communication Manager5.1.1 – 5.1.1
- Avaya / Communication Manager5.1.2 – 5.1.2
- Avaya / Communication Manager5.1.2 – 5.1.2
References
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2774
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/45750
- VENDOR_ADVISORYhttp://secunia.com/advisories/32035
- MISChttp://www.voipshield.com/research-details.php?id=123
- MISChttp://www.securityfocus.com/bid/31639
- MISChttp://support.avaya.com/elmodocs2/security/ASA-2008-394.htm