Vulnerabilities > CVE-2010-3279 - Configuration vulnerability in Alcatel-Lucent Ccagent and Omnitouch Contact Center
Attack vector
ADJACENT_NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
PARTIAL Availability impact
COMPLETE Summary
The default configuration of the CCAgent option before 9.0.8.4 in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition enables maintenance access, which allows remote attackers to monitor or reconfigure Contact Center operations via vectors involving TSA_maintenance.exe.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Common Weakness Enumeration (CWE)
References
- http://secunia.com/advisories/41509
- http://www.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=Corporate&LMSG_CONTENT_FILE=Support/Security/2010001.pdf
- http://www.nruns.com/_downloads/nruns-SA-2010-001.pdf
- http://www.securityfocus.com/archive/1/513869
- http://www.securityfocus.com/bid/43340
- http://www.vupen.com/english/advisories/2010/2459
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61921