Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-32218
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
Avaya Ix Workforce Engagement 15.2.7.1195
6.1
CVSSv3
CVE-2021-25655
A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 up to and including 7.2.3 (without hotfix) and 8.0.0 (without hotfix).
Avaya Aura Experience Portal
Avaya Aura Experience Portal 8.0.0
6.1
CVSSv3
CVE-2019-7000
A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions before 8.0 SP14 (8.0.14). Prior versions not listed w...
Avaya Aura Conferencing 8.0
Avaya Aura Conferencing
6.1
CVSSv3
CVE-2018-15613
A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
Avaya Aura Orchestration Designer
5.5
CVSSv3
CVE-2021-25652
An information disclosure vulnerability exists in the directory and file management of Avaya Aura Appliance Virtualization Platform Utilities (AVPU). This vulnerability may potentially allow any local user to access system functionality and configuration information that should o...
Avaya Aura Appliance Virtualization Platform
5.5
CVSSv3
CVE-2021-25649
An information disclosure vulnerability exists in the directory and file management of Avaya Aura Utility Services. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged u...
Avaya Aura Utility Services
5.5
CVSSv3
CVE-2020-7030
A sensitive information disclosure vulnerability exists in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 up to and including 10.1.0.7 and 11.0 though...
Avaya Ip Office 9.0
Avaya Ip Office 9.1
Avaya Ip Office
5.5
CVSSv3
CVE-2019-7006
Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local malicious user to decrypt sensitive information. Affected versions include all 6.2.x versions before 6.2 SP13.
Avaya One-x Communicator 6.2
5.5
CVSSv3
CVE-2011-4112
The net subsystem in the Linux kernel prior to 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen ...
Linux Linux Kernel
Avaya 9608 Firmware
Avaya 9608g Firmware
Avaya 9611g Firmware
Avaya 9621g Firmware
Avaya 9641g Firmware
Avaya 9641gs Firmware
5.5
CVSSv3
CVE-2010-2942
The actions implementation in the network queueing functionality in the Linux kernel prior to 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory...
Linux Linux Kernel 2.6.36
Linux Linux Kernel
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Opensuse Opensuse 11.1
Opensuse Opensuse 11.3
Suse Suse Linux Enterprise Server 11
Suse Suse Linux Enterprise Desktop 11
Suse Suse Linux Enterprise Server 10
Suse Suse Linux Enterprise Desktop 10
Avaya Aura System Manager 6.0
Avaya Aura System Manager 5.2
Avaya Aura Communication Manager 5.2
Avaya Voice Portal 5.1
Avaya Voice Portal 5.0
Avaya Aura System Platform 1.1
Avaya Aura System Platform 6.0
Avaya Aura System Manager 6.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »