CVE-2018-6635

2018-02-0518:00:00

mitre

www.cve.org

AI Score

7.7

Confidence

High

EPSS

0.005

Percentile

76.5%

JSON

System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote attackers to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896.

References

www.securityfocus.com/bid/102940

www.securitytracker.com/id/1040329

downloads.avaya.com/css/P8/documents/101038598