CVE-2011-3008
First published: Fri Aug 05 2011(Updated: )
The default configuration of Avaya Secure Access Link (SAL) Gateway 1.5, 1.8, and 2.0 contains certain domain names in the Secondary Core Server URL and Secondary Remote Server URL fields, which allows remote attackers to obtain sensitive information by leveraging administrative access to these domain names, as demonstrated by alarm and log information.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Avaya Secure Access Link Gateway | =1.5 | |
| Avaya Secure Access Link Gateway | =1.8 | |
| Avaya Secure Access Link Gateway | =2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/avaya
- canonical/avaya secure access link gateway
- version/avaya secure access link gateway/1.5
- version/avaya secure access link gateway/1.8
- version/avaya secure access link gateway/2.0