Improper input validation in Avaya Communication_manager
CVE-2008-5709
Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1 before 3.1.4 SP2, 4.0 before 4.0.3 SP1, and 5.0 before 5.0 SP3 allow remote authenticated users to execute arbitrary code via unkn…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.033 (87.1th percentile) — read the EPSS interpretation.
Affected products
- Avaya Communication_manager — versions 3.1.1, 3.1.2, 3.1.3
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)