Aura Communication Manager@* Security Vulnerabilities and Issues — Aura Communication Manager@* CVE List

Lucene search

AvayaAura Communication Manager*

5 matches found

CVE•added 2019/11/15 4:15 p.m.•131 views

CVE-2016-5285

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

7.5CVSS7.2AI score0.00646EPSS

CVE•added 2020/08/11 11:15 p.m.•54 views

CVE-2020-7029

A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged...

8.8CVSS7.5AI score0.00231EPSS

CVE•added 2022/10/12 7:15 p.m.•44 views

CVE-2022-2249

Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0.

7.7CVSS7.2AI score0.00062EPSS

CVE•added 2018/09/27 11:29 p.m.•37 views

CVE-2018-15611

A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1.

7.2CVSS6.4AI score0.00034EPSS

CVE•added 2019/02/01 3:29 p.m.•36 views

CVE-2018-15617

A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1.

7.5CVSS6.8AI score0.00375EPSS