The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.

Avaya IP Office Phone Manager 和其他产品(如 IP Softphone)将敏感数据存储在注册键的明文状态，这允许本地和远程用户通过类似于 Avaya\IP400\Generic 的键来窃取用户名和密码，并模仿其他用户。

NVD 暂无评分

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）