1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Home
  2. Security
  3. Security Lab
  4. Latest Threats
  5. Vulnerability Descriptions
  6. SA33308

Avaya CMS Solaris SSH CBC Mode Plaintext Recovery Vulnerability

Report ID: SA33308
Source: Secunia
Date of Discovery: 26.12.2008
Criticality: Low
Affects:
Avaya Call Management System (CMS)
Compromise From: From local network
Compromise Type: Exposure of sensitive information

Summary

A vulnerability has been discovered in Avaya CMS, which potentially can be exploited by malicious people to disclose sensitive information.

Detailed Description

A vulnerability has been discovered in Avaya CMS, which potentially can be exploited by malicious people to disclose sensitive information.

The vulnerability is reported in Avaya CMS R13/R13.1 and R14/R14.1.

Solution

The vendor recommends that local and network access to the affected systems be restricted until an update is available.

CVE Reference

CVE-2008-5161