Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-7033
A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Client (web client) used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks. The affected versions of Equinox Conferencing includes all 9.x versions prior to 9.1.10.
Avaya Equinox Conferencing
NA
CVE-2007-5556
Unspecified vulnerability in the Avaya VoIP Handset allows remote malicious users to cause a denial of service (reboot) via crafted packets. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known re...
Avaya Voip Handset
8.1
CVSSv3
CVE-2020-7037
An XML External Entities (XXE) vulnerability in Media Server component of Avaya Equinox Conferencing could allow an authenticated, remote malicious user to gain read access to information that is stored on an affected system or even potentially lead to a denial of service. The af...
Avaya Equinox Conferencing
7.5
CVSSv3
CVE-2020-7038
A vulnerability exists in Management component of Avaya Equinox Conferencing that could potentially allow an unauthenticated, remote malicious user to gain access to screen sharing and whiteboard sessions. The affected versions of Management component of Avaya Equinox Conferencin...
Avaya Equinox Conferencing
10
CVSSv3
CVE-2019-7003
A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated malicious user to execute arbitrary SQL commands and retrieve sensitive data related to other users on the system. Affected versions of Avaya Control Manager include 7...
Avaya Control Manager
7.5
CVSSv3
CVE-2019-7005
A vulnerability exists in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information. Affected versions of IP Office include: 9.x, 10.0 up to and including 10.1.0.7 and 11.0 up to and includ...
Avaya Ip Office
8.6
CVSSv3
CVE-2019-7007
A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and previous versions. Successful exploitation could potentially allow an unauthenticated malicious user to access files that are outside the restricted directory on the rem...
Avaya Aura Conferencing
8.8
CVSSv3
CVE-2018-15612
A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could allow an malicious user to add, change, or remove administrative settings. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
Avaya Orchestration Designer
NA
CVE-2007-1490
Unspecified maintenance web pages in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allow remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors (aka "shell command injection").
Avaya Communication Manager
NA
CVE-2004-0800
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.
Avaya Call Management System Server 11.0
Sun Dtmail
Avaya Call Management System Server 12.0
Avaya Call Management System Server 9.0
Sun Solaris 9.0
Sun Solaris 8.0
Sun Sunos 5.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »