Skip to navigation
Skip to content
Skip to secondary-content
F-Secure
Online Wellbeing
Tools
Choose location:
Belgium - Dutch
Belgium - French
Brazil
Estonia
Finland
France
Germany
Global
Greece
India
Japan
Netherlands
Poland
Russia
Slovenia
Sweden
UK
USA
Search
Go
Navigation
Home
Products
eStore
Partners
Support
Downloads
Security
About Us
Subnavigation
Security Center
Security Lab
World Map
Security Lab
Latest Threats
Submit Samples
Tools & Services
Learn More
Where You Are
Home
Security
Security Lab
Latest Threats
Vulnerability Descriptions
SA33308
Avaya CMS Solaris SSH CBC Mode Plaintext Recovery Vulnerability
Report ID:
SA33308
Source:
Secunia
Date of Discovery:
26.12.2008
Criticality:
Low
Affects:
Avaya Call Management System (CMS)
Compromise From:
From local network
Compromise Type:
Exposure of sensitive information
Summary
A vulnerability has been discovered in Avaya CMS, which potentially can be exploited by malicious people to disclose sensitive information.
Detailed Description
A vulnerability has been discovered in Avaya CMS, which potentially can be exploited by malicious people to disclose sensitive information.
The vulnerability is reported in Avaya CMS R13/R13.1 and R14/R14.1.
Solution
The vendor recommends that local and network access to the affected systems be restricted until an update is available.
CVE Reference
CVE-2008-5161