CVE-2010-3280

CVE-2010-3280 · MEDIUM Severity

AV:A/AC:M/AU:N/C:C/I:P/A:P

The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition relies on client-side authorization checking, and unconditionally sends the SuperUser password to the client for use during an authorized session, which allows remote attackers to monitor or reconfigure Contact Center operations via a modified client application.

Learn more about our Cis Benchmark Audit For Server Software.