Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2021-25650
A privilege escalation vulnerability exists in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. Affects all 7.x versions of Avaya Aura Utility Services
Avaya Aura Utility Services
4.6
CVSSv2
CVE-2021-25654
An arbitrary code execution vulnerability exists in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 up to and including 8.1.4.0 versions of Avaya Aura Device Services.
Avaya Aura Device Services
7.2
CVSSv2
CVE-2018-15611
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version before 7.1.3.1.
Avaya Aura Communication Manager
4.3
CVSSv2
CVE-2018-15613
A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
Avaya Aura Orchestration Designer
5
CVSSv2
CVE-2018-15617
A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions before 7.1.3.2, and all 8.x versions before 8.0...
Avaya Aura Communication Manager
NA
CVE-2023-7031
Insecure Direct Object Reference vulnerabilities were discovered in the Avaya Aura Experience Portal Manager which may allow partial information disclosure to an authenticated non-privileged user. Affected versions include 8.0.x and 8.1.x, before 8.1.2 patch 0402. Versions before...
Avaya Aura Experience Portal
5
CVSSv2
CVE-2007-3320
The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and previous versions SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote malicious users to have an unspecified impact.
Avaya 4602sw Ip Phone
5
CVSSv2
CVE-2007-3321
The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and previous versions SIP firmware allows remote malicious users to cause a denial of service (device reboot) via a flood of packets to the BOOTP port (68/udp).
Avaya 4602sw Ip Phone
5
CVSSv2
CVE-2008-6140
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Avaya one-X Desktop Edition 2.1.0.78 allows remote malicious users to cause a denial of service (crash) via unspecified vectors.
Avaya One-x 2.1.0.78
6.6
CVSSv2
CVE-2009-3939
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and previous versions has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
Linux Linux Kernel
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 5.0
Redhat Virtualization 5
Redhat Enterprise Linux Eus 5.4
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 5.0
Avaya Aura System Manager 6.0
Avaya Aura System Manager 5.2
Avaya Aura Communication Manager 5.2
Avaya Voice Portal 5.0
Avaya Aura System Platform 1.1
Avaya Aura Session Manager 1.1
Avaya Aura Session Manager 5.2
Avaya Aura Sip Enablement Services 5.2
Avaya Aura Application Enablement Services 5.2
Avaya Aura Application Enablement Services 5.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »