Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya aura vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2023-7031
Insecure Direct Object Reference vulnerabilities were discovered in the Avaya Aura Experience Portal Manager which may allow partial information disclosure to an authenticated non-privileged user. Affected versions include 8.0.x and 8.1.x, before 8.1.2 patch 0402. Versions before...
Avaya Aura Experience Portal
9.8
CVSSv3
CVE-2023-3722
An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and previous versions.
Avaya Aura Device Services
6.7
CVSSv3
CVE-2022-2249
Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 up to and including 8.1.3.3 and 10.1.0.0.
Avaya Aura Communication Manager 10.1.0.0
Avaya Aura Communication Manager
6.7
CVSSv3
CVE-2022-2975
A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement Services web application, allowing an administrative user to modify accounts leading to execution of arbitrary code as the root user. This issue affects Application Enablement Services v...
Avaya Aura Application Enablement Services
7.8
CVSSv3
CVE-2021-25654
An arbitrary code execution vulnerability exists in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 up to and including 8.1.4.0 versions of Avaya Aura Device Services.
Avaya Aura Device Services
7.8
CVSSv3
CVE-2021-25653
A privilege escalation vulnerability exists in Avaya Aura Appliance Virtualization Platform Utilities (AVPU) that may potentially allow a local user to escalate privileges. Affects 8.0.0.0 up to and including 8.1.3.1 versions of AVPU.
Avaya Aura Appliance Virtualization Platform
6.1
CVSSv3
CVE-2021-25655
A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 up to and including 7.2.3 (without hotfix) and 8.0.0 (without hotfix).
Avaya Aura Experience Portal
Avaya Aura Experience Portal 8.0.0
5.4
CVSSv3
CVE-2021-25656
Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 up to and including 7.2.3 (without hotfix) and 8.0.0 (witho...
Avaya Aura Experience Portal
Avaya Aura Experience Portal 8.0.0
5.5
CVSSv3
CVE-2021-25649
An information disclosure vulnerability exists in the directory and file management of Avaya Aura Utility Services. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged u...
Avaya Aura Utility Services
8.8
CVSSv3
CVE-2021-25650
A privilege escalation vulnerability exists in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. Affects all 7.x versions of Avaya Aura Utility Services
Avaya Aura Utility Services
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »