Vulnerabilities > CVE-2007-1491 - Remote Security vulnerability in S8500

CVSS 5.2 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

low complexity

avaya

NVD

Published: 2007-03-16

Updated: 2008-09-05

Summary

Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties.

Vulnerable Configurations

Part	Description	Count
Application	Avaya Avaya SIP Enablement Services *	1
Hardware	Avaya Avaya S8300 - Avaya S8500 - Avaya S8700 -	3

References

http://secunia.com/advisories/24434
http://support.avaya.com/elmodocs2/security/ASA-2007-051.htm
http://www.osvdb.org/33346