CVE-2008-6797
First published: Thu May 07 2009(Updated: )
The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote attackers to obtain sensitive information by sniffing the network.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitel Mitel Nupoint Messenger | =r3 | |
| Mitel Mitel Nupoint Messenger | =r11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2008-6797?
CVE-2008-6797 is considered a medium severity vulnerability due to the potential exposure of sensitive credentials in cleartext.
How do I fix CVE-2008-6797?
To fix CVE-2008-6797, upgrade to a patched version of Mitel NuPoint Messenger that addresses the cleartext transmission issue.
Who is affected by CVE-2008-6797?
Users of Mitel NuPoint Messenger versions R3 and R11 are affected by CVE-2008-6797.
What information can attackers obtain through CVE-2008-6797?
Attackers can obtain usernames and passwords transmitted in cleartext to Exchange servers due to CVE-2008-6797.
How can I prevent attacks related to CVE-2008-6797?
To prevent attacks, ensure that network traffic is encrypted and that you update to a secure version of Mitel NuPoint Messenger.
- collector/nvd-historical
- collector/nvd-index
- agent/softwarecombine
- agent/type
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- vendor/mitel
- canonical/mitel mitel nupoint messenger
- version/mitel mitel nupoint messenger/r3
- version/mitel mitel nupoint messenger/r11