CVE-2007-1490

Published: Mar 16, 2007Modified: Apr 23, 2026

6.0

Vector

AV:N/AC:M/Au:S/C:P/I:P/A:P

Exploitability: 6.8 / Impact: 6.4

Source: NVD

Description

Unspecified maintenance web pages in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allow remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors (aka "shell command injection").

Affected (1)

Products: Avaya: Communication Manager

Avaya

1 product

Communication Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Avaya Communication Manager	Up to 3.1.3

References (6)

http://secunia.com/advisories/24434

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2007-052.htm

Source: cve@mitre.org

PatchVendor Advisory

http://www.osvdb.org/33300

Source: cve@mitre.org

http://secunia.com/advisories/24434

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.avaya.com/elmodocs2/security/ASA-2007-052.htm

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.osvdb.org/33300

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.