CVE-2008-6711

EUVD-2008-6671
Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated users to execute arbitrary commands via unknown vectors related to "viewing system logs."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
Affected Products (NVD)
VendorProductVersion
avayacommunication_manager
3.1
avayacommunication_manager
3.1.1
avayacommunication_manager
3.1.2
avayacommunication_manager
3.1.3
avayacommunication_manager
3.1.4
avayacommunication_manager
3.1.4:sp1
avayacommunication_manager
4.0
avayacommunication_manager
4.0.1
avayacommunication_manager
4.0.1:sp15215
avayacommunication_manager
4.0.1:sp15500
avayacommunication_manager
4.0.3
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/30799
http://support.avaya.com/elmodocs2/security/ASA-2008-270.htm
http://www.osvdb.org/46581
http://www.securityfocus.com/bid/29939
http://www.voipshield.com/research-details.php?id=80
http://www.vupen.com/english/advisories/2008/1944/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/43391
http://secunia.com/advisories/30799
http://support.avaya.com/elmodocs2/security/ASA-2008-270.htm
http://www.osvdb.org/46581
http://www.securityfocus.com/bid/29939
http://www.voipshield.com/research-details.php?id=80
http://www.vupen.com/english/advisories/2008/1944/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/43391