CVE-2007-1490

Unspecified maintenance web pages in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allow remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors (aka "shell command injection").

Published: Mar 16, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-1490
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6
AV:N/AC:M/Au:S/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
avaya / communication_manager	-	3.1.3.x

http://secunia.com/advisories/24434
http://support.avaya.com/elmodocs2/security/ASA-2007-052.htm
http://www.osvdb.org/33300

Vulnerability Database

289,599

CVE-2007-1490