Unrated severityNVD Advisory· Published Mar 14, 2005· Updated Apr 16, 2026

CVE-2005-0506

Description

The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.

Affected products

Avaya/Ip Office Phone Manager
cpe:2.3:a:avaya:ip_office_phone_manager:*:*:*:*:*:*:*:*
Avaya/Ip Softphone
cpe:2.3:a:avaya:ip_soft_phone:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.avaya.com/elmodocs2/security/ASA-2005-041_Sensitive_Info_Leak.pdfnvdVendor Advisory
marc.infonvd
marc.infonvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000