5 matches found
CVE-2023-31186
CVE-2023-31186 affects Avaya IX Workforce Engagement, specifically version 15.2.7.1195, where a user enumeration vulnerability is described as an observable response discrepancy. The connected documents (e.g., CNNVD-202305-2542 and NVD entry) corroborate that an attacker could enumerate users via...
CVE-2023-31187
CVE-2023-31187 affects Avaya IX Workforce Engagement v15.2.7.1195. The underlying issue is CWE-522: Insufficiently Protected Credentials, leading to potential exposure of sensitive data. According to the sources, the vulnerability has a network attack vector with low complexity and low privileges...
CVE-2023-32218
CVE-2023-32218 affects Avaya IX Workforce Engagement v15.2.7.1195, where an Open Redirect vulnerability (CWE-601) arises from unsafe URL redirection to untrusted sites. The NVD/NIST entry lists a base CVSS v3.1 score of 6.1 (Medium) with Network attack vector, low attack complexity, and user inte...
CVE-2023-31187 Avaya IX Workforce Engagement - CWE-522: Insufficiently Protected Credentials
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials...
CVE-2023-32218
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site 'Open Redirect'...