CVE-2010-3280

The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition relies on client-side authorization checking, and unconditionally sends the SuperUser password to the client for use during an authorized session, which allows remote attackers to monitor or reconfigure Contact Center operations via a modified client application.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:alcatel-lucent:ccagent:7.1:*:*:*:*:*:*:*
cpe:2.3:a:alcatel-lucent:ccagent:*:*:*:*:*:*:*:*
cpe:2.3:a:alcatel-lucent:omnitouch_contact_center:-:-:std:*:*:*:*:*

Information

Published : 2010-09-23 12:00

Updated : 2017-08-16 18:32


NVD link : CVE-2010-3280

Mitre link : CVE-2010-3280


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

alcatel-lucent

  • omnitouch_contact_center
  • ccagent