Vulnerabilities > Avaya > IP Office > High

DATE CVE VULNERABILITY TITLE RISK
2022-09-02 CVE-2021-25657 Unspecified vulnerability in Avaya IP Office
A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges.
local
low complexity
avaya
7.8
2020-08-07 CVE-2019-7005 Unspecified vulnerability in Avaya IP Office
A vulnerability was discovered in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information.
network
low complexity
avaya
7.5
2019-11-15 CVE-2016-5285 NULL Pointer Dereference vulnerability in multiple products
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
network
low complexity
mozilla debian redhat suse avaya CWE-476
7.5
2018-09-12 CVE-2018-15610 Path Traversal vulnerability in Avaya IP Office 10.0/10.1/9.1
A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system.
network
low complexity
avaya CWE-22
8.8