7.1.3

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

avaya

NVD

Published: 2021-06-24

Updated: 2024-04-11

Summary

An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Utility Services. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged user. Affects all 7.x versions of Avaya Aura Utility Services

Vulnerable Configurations

Part	Description	Count
Application	Avaya Avaya Aura Utility Services 7.0 Avaya Aura Utility Services 7.0.1.2 Avaya Aura Utility Services 7.1.3	7

References

https://support.avaya.com/css/P8/documents/101072728