Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2021-25652
An information disclosure vulnerability exists in the directory and file management of Avaya Aura Appliance Virtualization Platform Utilities (AVPU). This vulnerability may potentially allow any local user to access system functionality and configuration information that should o...
Avaya Aura Appliance Virtualization Platform
5.8
CVSSv2
CVE-2021-25655
A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 up to and including 7.2.3 (without hotfix) and 8.0.0 (without hotfix).
Avaya Aura Experience Portal
Avaya Aura Experience Portal 8.0.0
5.5
CVSSv2
CVE-2020-7037
An XML External Entities (XXE) vulnerability in Media Server component of Avaya Equinox Conferencing could allow an authenticated, remote malicious user to gain read access to information that is stored on an affected system or even potentially lead to a denial of service. The af...
Avaya Equinox Conferencing
5
CVSSv2
CVE-2020-7038
A vulnerability exists in Management component of Avaya Equinox Conferencing that could potentially allow an unauthenticated, remote malicious user to gain access to screen sharing and whiteboard sessions. The affected versions of Management component of Avaya Equinox Conferencin...
Avaya Equinox Conferencing
4
CVSSv2
CVE-2020-7036
An XML External Entities (XXE)vulnerability in Callback Assist could allow an authenticated, remote malicious user to gain read access to information that is stored on an affected system. The affected versions of Callback Assist includes all 4.0.x versions prior to 4.7.1.1 Patch ...
Avaya Callback Assist
Avaya Callback Assist 4.7.1.1
9
CVSSv2
CVE-2020-7034
A command injection vulnerability in Avaya Session Border Controller for Enterprise could allow an authenticated, remote malicious user to send specially crafted messages and execute arbitrary commands with the affected system privileges. Affected versions of Avaya Session Border...
Avaya Session Border Controller For Enterprise
4
CVSSv2
CVE-2020-7035
An XML External Entities (XXE)vulnerability in the web-based user interface of Avaya Aura Orchestration Designer could allow an authenticated, remote malicious user to gain read access to information that is stored on an affected system. The affected versions of Orchestration Des...
Avaya Aura Orchestration Designer
5.5
CVSSv2
CVE-2020-7032
An XML external entity (XXE) vulnerability in Avaya WebLM admin interface allows authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. Affected versions of Avaya WebLM include: 7.0 up to and includin...
Avaya Aura System Manager
Avaya Weblm
3.5
CVSSv2
CVE-2020-7033
A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Client (web client) used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks. The affected versions of Equinox Conferencing includes all 9.x versions prior to 9.1.10.
Avaya Equinox Conferencing
6.8
CVSSv2
CVE-2020-7029
A Cross-Site Request Forgery (CSRF) vulnerability exists in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote malicious user to perform Web administration actions wi...
Avaya Aura Communication Manager
Avaya Aura Messaging
Avaya Aura Messaging 7.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »