Lucene search
HistoryJun 25, 2024 - 4:15 a.m.
CVE-2024-4196
vulnerability
avaya ip office
remote code execution
web request
version 11.1.3.1
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS
0
Percentile
9.1%
An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to 11.1.3.1.
Related
cvelist
cvelist
CVE-2024-4196 Avaya IP Office Web Control RCE Vulnerability
2024-06-25 04:00:30
cve
cve
CVE-2024-4196
2024-06-25 04:15:16
vulnrichment
vulnrichment
CVE-2024-4196 Avaya IP Office Web Control RCE Vulnerability
2024-06-25 04:00:30
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS
0
Percentile
9.1%
Related for NVD:CVE-2024-4196