Vulnerabilities > Avaya > IP Office > 10.1.0.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-25 | CVE-2024-4196 | Unspecified vulnerability in Avaya IP Office An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. | 9.8 |
| 2024-06-25 | CVE-2024-4197 | Unrestricted Upload of File with Dangerous Type vulnerability in Avaya IP Office An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. | 9.8 |
| 2022-09-02 | CVE-2021-25657 | Unspecified vulnerability in Avaya IP Office A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. | 7.8 |
| 2020-08-07 | CVE-2019-7005 | Unspecified vulnerability in Avaya IP Office A vulnerability was discovered in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information. | 7.5 |
| 2020-06-04 | CVE-2020-7030 | Information Exposure vulnerability in Avaya IP Office A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. | 5.5 |
| 2017-11-10 | CVE-2017-11309 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Avaya IP Office Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute arbitrary code via a long response. | 9.6 |