Avaya Communication Manager Web Administration Interface - Privilege Elevation Vulnerability
By exploiting vulnerabilities within the web administration interface within a POST command it is possible to perform a variety of actions. By exploiting a vulnerability within the Set Static Routes configuration it is possible to inject commands which will be executed with root privileges.
Communication Manager 4.x
Avaya has acknowledged the issue and is issuing patches to correct it for the following versions of Communication Manager software:CM 3.1.4 SP2, CM 4.0.3 SP1, CM 5.0 SP3, CM 5.1. More details could be found in Avaya Security Advisory ASA-2008-391 at http://support.avaya.com/elmodocs2/security/ASA-2008-391.htm.
In the short term it is recommended that a VoIP aware IPS product, such as VoIPguard, with signatures to detect attempts to exploit this issue, be implemented to prevent it from being exploited. Implementing best practices can limit the exposure of this issue.
Avaya customers with a valid support agreement may wish to speak with their support contact in order to obtain further vendor details.
Each line represents an individual vulnerability or group of vulnerabilities. For example, "UCM Multiple Hardcoded Passwords" is presented here in a single line but was reported to Nortel as sixteen (16) individual vulnerabilities.
Click on a level for description
Vendor Response LegendPatch available
Attempting to address the issue
No vendor response