Vulnerabilities > Avaya
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-06 | CVE-2022-2975 | Incorrect Permission Assignment for Critical Resource vulnerability in Avaya Aura Application Enablement Services A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement Services web application, allowing an administrative user to modify accounts leading to execution of arbitrary code as the root user. | 6.7 |
2022-09-02 | CVE-2021-25657 | Unspecified vulnerability in Avaya IP Office A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. | 7.8 |
2021-06-25 | CVE-2021-25654 | Unspecified vulnerability in Avaya Aura Device Services An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. | 7.8 |
2021-06-24 | CVE-2021-25649 | Unspecified vulnerability in Avaya Aura Utility Services 7.0/7.0.1.2/7.1.3 An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Utility Services. | 5.5 |
2021-06-24 | CVE-2021-25650 | Improper Privilege Management vulnerability in Avaya Aura Utility Services 7.0/7.0.1.2/7.1.3 A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. | 8.8 |
2021-06-24 | CVE-2021-25651 | Improper Privilege Management vulnerability in Avaya Aura Utility Services 7.0/7.0.1.2/7.1.3 A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to escalate privileges. | 7.8 |
2021-06-24 | CVE-2021-25652 | Exposure of Resource to Wrong Sphere vulnerability in Avaya Aura Appliance Virtualization Platform 8.0.0.0/8.1.3.1 An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Appliance Virtualization Platform Utilities (AVPU). | 5.5 |
2021-06-24 | CVE-2021-25653 | Unspecified vulnerability in Avaya Aura Appliance Virtualization Platform 8.0.0.0/8.1.3.1 A privilege escalation vulnerability was discovered in Avaya Aura Appliance Virtualization Platform Utilities (AVPU) that may potentially allow a local user to escalate privileges. | 7.8 |
2021-06-24 | CVE-2021-25655 | Open Redirect vulnerability in Avaya Aura Experience Portal 7.1/8.0.0 A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. | 6.1 |
2021-06-24 | CVE-2021-25656 | Cross-site Scripting vulnerability in Avaya Aura Experience Portal 7.1/8.0.0 Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. | 5.4 |