Vulnerabilities > AL Enterprise
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-12-27 | CVE-2019-20049 | Unspecified vulnerability in Al-Enterprise Omnivista 4760 An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. | 9.8 |
2019-12-27 | CVE-2019-20048 | Unrestricted Upload of File with Dangerous Type vulnerability in Al-Enterprise Omnivista 8770 An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. | 7.2 |
2019-12-27 | CVE-2019-20047 | Insufficiently Protected Credentials vulnerability in Al-Enterprise Omnivista 4760 and Omnivista 8770 An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. | 7.5 |
2019-08-01 | CVE-2019-14260 | OS Command Injection vulnerability in Al-Enterprise 8008 Firmware 1.50.13 On the Alcatel-Lucent Enterprise (ALE) 8008 Cloud Edition Deskphone VoIP phone with firmware 1.50.13, a command injection (missing input validation) issue in the password change field for the Change Password interface allows an authenticated remote attacker in the same network to trigger OS commands via shell commands in a POST request. | 8.0 |
2007-09-18 | CVE-2007-3010 | Unspecified vulnerability in Al-Enterprise Omnipcx Enterprise Communication Server masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action. | 9.8 |