Vulnerabilities > CVE-2021-25654 - Unspecified vulnerability in Avaya Aura Device Services

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

avaya

NVD

Published: 2021-06-25

Updated: 2022-08-01

Summary

An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 through 8.1.4.0 versions of Avaya Aura Device Services.

Vulnerable Configurations

Part	Description	Count
Application	Avaya Avaya Aura Device Services 7.0 Avaya Aura Device Services 7.0.1.0 Avaya Aura Device Services 8.0 Avaya Aura Device Services 8.0.0.0.268 Avaya Aura Device Services 8.0.0.1.2 Avaya Aura Device Services 8.0.1.0.1026 Avaya Aura Device Services 8.1.4.0	7

References

https://support.avaya.com/css/P8/documents/101076523