The remote management interface in SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, proceeds with Core router updates even when a login is invalid, which allows remote malicious users to cause a denial of service (messaging outage) or gain privileges via an update request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
avaya sip enablement services 5.0 |
||
avaya communication_manager 5.0 |