Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-7005
A vulnerability exists in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information. Affected versions of IP Office include: 9.x, 10.0 up to and including 10.1.0.7 and 11.0 up to and includ...
Avaya Ip Office
5.5
CVSSv3
CVE-2020-7030
A sensitive information disclosure vulnerability exists in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 up to and including 10.1.0.7 and 11.0 though...
Avaya Ip Office 9.0
Avaya Ip Office 9.1
Avaya Ip Office
8.6
CVSSv3
CVE-2019-7007
A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and previous versions. Successful exploitation could potentially allow an unauthenticated malicious user to access files that are outside the restricted directory on the rem...
Avaya Aura Conferencing
5.4
CVSSv3
CVE-2019-7004
A Cross-Site Scripting (XSS) vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information. All product versions 11.x are affected. Product versions before 11.0, including unsupported ve...
Avaya Ip Office Application Server
6.1
CVSSv3
CVE-2019-7000
A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions before 8.0 SP14 (8.0.14). Prior versions not listed w...
Avaya Aura Conferencing 8.0
Avaya Aura Conferencing
10
CVSSv3
CVE-2019-7003
A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated malicious user to execute arbitrary SQL commands and retrieve sensitive data related to other users on the system. Affected versions of Avaya Control Manager include 7...
Avaya Control Manager
8.8
CVSSv3
CVE-2019-7001
A SQL injection vulnerability in the WebUI component of IP Office Contact Center could allow an authenticated malicious user to retrieve or alter sensitive data related to other users on the system. Affected versions of IP Office Contact Center include all 9.x and 10.x versions b...
Avaya Ip Office Contact Center
5.5
CVSSv3
CVE-2019-7006
Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local malicious user to decrypt sensitive information. Affected versions include all 6.2.x versions before 6.2 SP13.
Avaya One-x Communicator 6.2
7.5
CVSSv3
CVE-2018-15617
A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions before 7.1.3.2, and all 8.x versions before 8.0...
Avaya Aura Communication Manager
5.4
CVSSv3
CVE-2018-15614
A vulnerability in the one-x Portal component of IP Office could allow an authenticated user to perform stored cross site scripting attacks via fields in the Conference Scheduler Service that could affect other application users. Affected versions of IP Office include 10.0 up to ...
Avaya Ip Office 10.0
Avaya Ip Office 10.1
Avaya Ip Office 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »