Vulnerability Name:

CVE-2008-6573 (CCN-41730)

Assigned:2008-04-07
Published:2008-04-07
Updated:2017-08-17
Summary:Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya Communication Manager 3.x, 4.0, and 5.0 (1) allow remote attackers to execute arbitrary SQL commands via unspecified vectors related to profiles in the SIP Personal Information Manager (SPIM) in the web interface; and allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to (2) permissions for SPIM profiles in the web interface and (3) a crafted SIP request to the SIP server.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
6.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-89
Vulnerability Consequences:Data Manipulation
References:Source: MITRE
Type: CNA
CVE-2008-6573

Source: OSVDB
Type: UNKNOWN
44284

Source: OSVDB
Type: UNKNOWN
44285

Source: OSVDB
Type: UNKNOWN
44286

Source: CCN
Type: SA29744
Avaya SIP Enablement Services Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
29744

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2008-150.htm

Source: CONFIRM
Type: Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-151.htm

Source: CCN
Type: ASA-2008-151
Input Validation Vulnerabilities in Avaya SES Web Interface

Source: CCN
Type: Avaya Web site
Telecommunication Systems by Avaya

Source: CCN
Type: OSVDB ID: 44284
Avaya SIP Enablement Services (SES) SPIM Pages Unauthenticated Unspecified SQL Injection

Source: CCN
Type: OSVDB ID: 44285
Avaya SIP Enablement Services (SES) SPIM Pages Unspecified SQL Injection

Source: CCN
Type: OSVDB ID: 44286
Avaya SIP Enablement Services (SES) SIP REQUEST SQL Injection

Source: BID
Type: UNKNOWN
28682

Source: CCN
Type: BID-28682
Avaya SIP Enablement Services and Communications Manager Multiple SQL Injection Vulnerabilities

Source: CCN
Type: BID-28687
Avaya SIP Enablement Services (SES) Server Multiple Input Validation Vulnerabilities

Source: CCN
Type: VoIPshield Systems Inc Web site
SPIM Unauthenticated SQL Injection

Source: MISC
Type: UNKNOWN
http://www.voipshield.com/research-details.php?id=22

Source: MISC
Type: UNKNOWN
http://www.voipshield.com/research-details.php?id=25

Source: MISC
Type: UNKNOWN
http://www.voipshield.com/research-details.php?id=26

Source: XF
Type: UNKNOWN
avaya-ses-spim-sql-injection(41730)

Source: XF
Type: UNKNOWN
avaya-ses-spim-sql-injection(41730)

Source: XF
Type: UNKNOWN
avaya-ses-sip-sql-injection(41733)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:avaya:communication_manager:*:*:*:*:*:*:*:* (Version <= 3.1)
  • OR cpe:/a:avaya:communication_manager:3.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.4:sp1:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.4:sp2:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.5:sp0:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:5.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:avaya:communication_manager:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:5.0:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.4:sp1:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.4:sp2:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.5:sp0:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    avaya communication manager *
    avaya communication manager 3.1.1
    avaya communication manager 3.1.2
    avaya communication manager 3.1.3
    avaya communication manager 3.1.4
    avaya communication manager 3.1.4 sp1
    avaya communication manager 3.1.4 sp2
    avaya communication manager 3.1.5
    avaya communication manager 3.1.5 sp0
    avaya communication manager 4.0
    avaya communication manager 5.0
    avaya communication manager 3.1
    avaya communication manager 3.1.4
    avaya communication manager 4.0
    avaya communication manager 5.0
    avaya communication manager 3.1.3
    avaya communication manager 3.1.1
    avaya communication manager 3.1.2
    avaya communication manager 3.1.4 sp1
    avaya communication manager 3.1.4 sp2
    avaya communication manager 3.1.5
    avaya communication manager 3.1.5 sp0