Latest Vulnerabilities Affecting Avaya products

Date	CVE	Title	CVSS
2019-05-10	CVE-2018-8812	Input Validation vulnerability in Avaya IP Office 9.1.2.0	Medium
2019-04-04	CVE-2019-7001	SQL Injection vulnerability in Avaya IP Office Contact Center 10.0.0.0/9.0.0	Medium
2019-02-27	CVE-2019-7006	Cryptographic Issues vulnerability in Avaya ONE X Communicator 6.2	Low
2019-02-01	CVE-2018-15617	Improper Access Control vulnerability in Avaya Aura Communication Manager 6.3.0.1/7.0/8.0	Medium
2019-01-23	CVE-2018-15614	Cross-Site Scripting (XSS) vulnerability in Avaya IP Office 10.0/10.1/11.0	Low
2018-10-17	CVE-2018-15616	Deserialization of Untrusted Data vulnerability in Avaya Aura System Platform 6.3.0/6.4.0	High
2018-09-27	CVE-2018-15611	Permissions, Privileges, and Access Control vulnerability in Avaya Aura Communication Manager 6.3.0.1/7.0	High
2018-09-24	CVE-2018-15615	Information Leak / Disclosure vulnerability in Avaya Call Management System Supervisor 17.0.0/18.0.1.0/18.0.2.0	Low
2018-09-21	CVE-2018-15612	Cross-Site Request Forgery (CSRF) vulnerability in Avaya Orchestration Designer 7.1	Medium
2018-09-21	CVE-2018-15613	Cross-Site Scripting (XSS) vulnerability in Avaya Aura Orchestration Designer 7.2.1	Medium
2018-09-12	CVE-2018-15610	Improper Access Control vulnerability in Avaya IP Office 10.0/10.1/9.1	High
2018-02-05	CVE-2018-6635	Cryptographic Issues vulnerability in Avaya Aura 7.1.1	Medium
2017-11-10	CVE-2017-12969	Buffer Errors vulnerability in Avaya IP Office Contact Center	Medium
2017-11-10	CVE-2017-11309	Buffer Errors vulnerability in Avaya IP Office 10.1	Medium
2017-01-23	CVE-2016-2783	Data Handling vulnerability in Avaya VSP Operating System Software 4.2.2.0/5.0.0.0	High

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.