Lucene search

[email protected]NVD:CVE-2022-2249

HistoryOct 12, 2022 - 7:15 p.m.

CVE-2022-2249

2022-10-1219:15:09

CWE-269

[email protected]

web.nvd.nist.gov

avaya

aura

privilege escalation

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0.

Affected configurations

Nvd

Node

avayaaura_communication_managerRange8.0–8.1.3.4

avayaaura_communication_managerMatch10.1.0.0

VendorProductVersionCPE
avayaaura_communication_manager*cpe:2.3:a:avaya:aura_communication_manager:*:*:*:*:*:*:*:*
avayaaura_communication_manager10.1.0.0cpe:2.3:a:avaya:aura_communication_manager:10.1.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
avaya	aura_communication_manager	*	cpe:2.3:a:avaya:aura_communication_manager::::::::
avaya	aura_communication_manager	10.1.0.0	cpe:2.3:a:avaya:aura_communication_manager:10.1.0.0:::::::*

References

download.avaya.com/css/public/documents/101083760

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2022-2249

cvelist1 cve1 prion1