Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2018-15611
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version before 7.1.3.1.
Avaya Aura Communication Manager
6.1
CVSSv3
CVE-2018-15613
A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
Avaya Aura Orchestration Designer
7.5
CVSSv3
CVE-2018-15617
A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions before 7.1.3.2, and all 8.x versions before 8.0...
Avaya Aura Communication Manager
6.5
CVSSv3
CVE-2020-7035
An XML External Entities (XXE)vulnerability in the web-based user interface of Avaya Aura Orchestration Designer could allow an authenticated, remote malicious user to gain read access to information that is stored on an affected system. The affected versions of Orchestration Des...
Avaya Aura Orchestration Designer
NA
CVE-2008-6140
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Avaya one-X Desktop Edition 2.1.0.78 allows remote malicious users to cause a denial of service (crash) via unspecified vectors.
Avaya One-x 2.1.0.78
NA
CVE-2001-1262
Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote malicious users to bypass authentication with a 0 length community string.
Avaya Argent Office 2.1
5.5
CVSSv3
CVE-2021-25649
An information disclosure vulnerability exists in the directory and file management of Avaya Aura Utility Services. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged u...
Avaya Aura Utility Services
8.8
CVSSv3
CVE-2021-25650
A privilege escalation vulnerability exists in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. Affects all 7.x versions of Avaya Aura Utility Services
Avaya Aura Utility Services
7.8
CVSSv3
CVE-2021-25651
A privilege escalation vulnerability exists in Avaya Aura Utility Services that may potentially allow a local user to escalate privileges. Affects all 7.x versions of Avaya Aura Utility Services
Avaya Aura Utility Services
7.8
CVSSv3
CVE-2021-25654
An arbitrary code execution vulnerability exists in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 up to and including 8.1.4.0 versions of Avaya Aura Device Services.
Avaya Aura Device Services
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »