Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya aura vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-25649
An information disclosure vulnerability exists in the directory and file management of Avaya Aura Utility Services. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged u...
Avaya Aura Utility Services
5.4
CVSSv3
CVE-2021-25656
Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 up to and including 7.2.3 (without hotfix) and 8.0.0 (witho...
Avaya Aura Experience Portal 8.0.0
Avaya Aura Experience Portal
6.5
CVSSv3
CVE-2020-7035
An XML External Entities (XXE)vulnerability in the web-based user interface of Avaya Aura Orchestration Designer could allow an authenticated, remote malicious user to gain read access to information that is stored on an affected system. The affected versions of Orchestration Des...
Avaya Aura Orchestration Designer
6.5
CVSSv3
CVE-2020-7032
An XML external entity (XXE) vulnerability in Avaya WebLM admin interface allows authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. Affected versions of Avaya WebLM include: 7.0 up to and includin...
Avaya Aura System Manager
Avaya Weblm
8.8
CVSSv3
CVE-2020-7029
A Cross-Site Request Forgery (CSRF) vulnerability exists in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote malicious user to perform Web administration actions wi...
Avaya Aura Messaging 7.1
Avaya Aura Messaging
Avaya Aura Communication Manager
8.6
CVSSv3
CVE-2019-7007
A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and previous versions. Successful exploitation could potentially allow an unauthenticated malicious user to access files that are outside the restricted directory on the rem...
Avaya Aura Conferencing
6.1
CVSSv3
CVE-2019-7000
A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions before 8.0 SP14 (8.0.14). Prior versions not listed w...
Avaya Aura Conferencing 8.0
Avaya Aura Conferencing
7.5
CVSSv3
CVE-2018-15617
A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions before 7.1.3.2, and all 8.x versions before 8.0...
Avaya Aura Communication Manager
9.8
CVSSv3
CVE-2018-15616
A vulnerability in the Web UI component of Avaya Aura System Platform could allow a remote, unauthenticated user to perform a targeted deserialization attack that could result in remote code execution. Affected versions of System Platform includes 6.3.0 up to and including 6.3.9 ...
Avaya Avaya Aura System Platform
6.7
CVSSv3
CVE-2018-15611
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version before 7.1.3.1.
Avaya Aura Communication Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »