Unrated severityNVD Advisory· Published Aug 5, 2011· Updated Apr 29, 2026

CVE-2011-3008

Description

The default configuration of Avaya Secure Access Link (SAL) Gateway 1.5, 1.8, and 2.0 contains certain domain names in the Secondary Core Server URL and Secondary Remote Server URL fields, which allows remote attackers to obtain sensitive information by leveraging administrative access to these domain names, as demonstrated by alarm and log information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Avaya/Secure Access Link Gateway4 versions
cpe:2.3:a:avaya:secure_access_link_gateway:1.5:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:avaya:secure_access_link_gateway:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:secure_access_link_gateway:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:secure_access_link_gateway:2.0:*:*:*:*:*:*:*
- (no CPE)range: = 1.5, 1.8, 2.0

Patches

Vulnerability mechanics

References

support.avaya.com/css/P8/documents/100140483nvdVendor Advisory
www.kb.cert.org/vuls/id/690315nvdUS Government Resource
www.securityfocus.com/bid/48942nvd
exchange.xforce.ibmcloud.com/vulnerabilities/68922nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000