Vulnerabilities > Alcatel Lucent > High

DATE CVE VULNERABILITY TITLE RISK
2010-09-23 CVE-2010-3279 Configuration vulnerability in Alcatel-Lucent Ccagent and Omnitouch Contact Center
The default configuration of the CCAgent option before 9.0.8.4 in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition enables maintenance access, which allows remote attackers to monitor or reconfigure Contact Center operations via vectors involving TSA_maintenance.exe.
7.6
2007-11-20 CVE-2007-5361 Information Disclosure And Denial Of Service vulnerability in OmniPCX Enterprise Audio Rerouting
The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a denial of service (loss of audio) or intercept voice communications via a crafted TFTP request containing the phone's MAC address in the filename.
network
low complexity
alcatel-lucent
8.5
2007-06-07 CVE-2007-2512 Unspecified vulnerability in Alcatel-Lucent Omnipcx 7.0
Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems.
network
low complexity
alcatel-lucent
7.5
2007-02-14 CVE-2007-0932 Permissions, Privileges, and Access Controls vulnerability in multiple products
The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access administrative interfaces or the WLAN.
network
low complexity
alcatel-lucent aruba CWE-264
7.5
2007-02-14 CVE-2007-0931 Multiple vulnerability in Aruba Mobility Controller
Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via long credential strings.
network
low complexity
alcatel-lucent aruba
7.5