Unrated severityNVD Advisory· Published Aug 25, 2008· Updated Apr 23, 2026

CVE-2008-3778

Description

The remote management interface in SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, proceeds with Core router updates even when a login is invalid, which allows remote attackers to cause a denial of service (messaging outage) or gain privileges via an update request.

Affected products

Avaya/Communication Manager
cpe:2.3:a:avaya:communication_manager:5.0:*:*:*:*:*:*:*
Avaya/Sip Enablement Services
cpe:2.3:a:avaya:sip_enablement_services:5.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.avaya.com/elmodocs2/security/ASA-2008-347.htmnvd
www.securityfocus.com/bid/30758nvd
exchange.xforce.ibmcloud.com/vulnerabilities/44585nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000