Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2020-7037
An XML External Entities (XXE) vulnerability in Media Server component of Avaya Equinox Conferencing could allow an authenticated, remote malicious user to gain read access to information that is stored on an affected system or even potentially lead to a denial of service. The af...
Avaya Equinox Conferencing
7.5
CVSSv3
CVE-2020-7038
A vulnerability exists in Management component of Avaya Equinox Conferencing that could potentially allow an unauthenticated, remote malicious user to gain access to screen sharing and whiteboard sessions. The affected versions of Management component of Avaya Equinox Conferencin...
Avaya Equinox Conferencing
NA
CVE-2001-1260
Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote malicious users to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot.
Avaya Argent Office
9.6
CVSSv3
CVE-2017-11309
Buffer overflow in the SoftConsole client in Avaya IP Office prior to 10.1.1 allows remote servers to execute arbitrary code via a long response.
Avaya Ip Office
1 EDB exploit
7.5
CVSSv3
CVE-2019-7005
A vulnerability exists in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information. Affected versions of IP Office include: 9.x, 10.0 up to and including 10.1.0.7 and 11.0 up to and includ...
Avaya Ip Office
8.8
CVSSv3
CVE-2018-15612
A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could allow an malicious user to add, change, or remove administrative settings. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
Avaya Orchestration Designer
5.4
CVSSv3
CVE-2020-7033
A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Client (web client) used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks. The affected versions of Equinox Conferencing includes all 9.x versions prior to 9.1.10.
Avaya Equinox Conferencing
10
CVSSv3
CVE-2019-7003
A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated malicious user to execute arbitrary SQL commands and retrieve sensitive data related to other users on the system. Affected versions of Avaya Control Manager include 7...
Avaya Control Manager
8.6
CVSSv3
CVE-2019-7007
A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and previous versions. Successful exploitation could potentially allow an unauthenticated malicious user to access files that are outside the restricted directory on the rem...
Avaya Aura Conferencing
NA
CVE-2004-0800
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.
Avaya Call Management System Server 11.0
Sun Dtmail
Avaya Call Management System Server 12.0
Avaya Call Management System Server 9.0
Sun Solaris 9.0
Sun Solaris 8.0
Sun Sunos 5.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »