Intrusion Prevention

Alcatel-Lucent.OmniVista.LDAP.Credentials.Disclosure

Description

This indicates an attack attempt to exploit an Information Disclosure Vulnerability in Alcatel-Lucent OmniVista devices.
The vulnerability is due to improper authentication in the application. A remote attacker can exploit this to access sensitive information, such as admin credentials, on the affected devices.

Affected Products

Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.al-enterprise.com/en/-/media/assets/internet/documents/sa-c0065-ov8770-rce-vulnerability-en.pdf

CVE References

CVE-2019-20047