Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The remote management interface in SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, proceeds with Core router updates even when a login is invalid, which allows remote attackers to cause a denial of service (messaging outage) or gain privileges via an update request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Avaya SES 身份认证绕过漏洞
Vulnerability Description
Avaya是一家提供IP通信以及面向企业通信网络设计、建造、部署和管理的厂商。 基于S8300C平台的Avaya SES 5.0和CM 5.0,当SES被激活时,即使登录是无效的,SIP Enablement Services(SES)服务器中的远程管理界面也会将中心路由器更新继续下去,这使得远程攻击者可以借助一个更新请求,引起拒绝服务或获得特权。
CVSS Information
N/A
Vulnerability Type
N/A