Vulnerabilities > CVE-2021-25654 - Unspecified vulnerability in Avaya Aura Device Services

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

avaya

NVD

Published: 2021-06-25

Updated: 2022-08-01

Summary

An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 through 8.1.4.0 versions of Avaya Aura Device Services.

Vulnerable Configurations

Part	Description	Count
Application	Avaya Avaya Aura Device Services 7.0 Avaya Aura Device Services 7.0.1.0 Avaya Aura Device Services 8.0 Avaya Aura Device Services 8.0.0.0.268 Avaya Aura Device Services 8.0.0.1.2 Avaya Aura Device Services 8.0.1.0.1026 Avaya Aura Device Services 8.1.4.0	7

References

https://support.avaya.com/css/P8/documents/101076523