Aura System Manager Security Vulnerabilities and Issues — Aura System Manager CVE List

Lucene search

AvayaAura System Manager

9 matches found

CVE•added 2019/11/15 4:15 p.m.•131 views

CVE-2016-5285

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

7.5CVSS7.2AI score0.00646EPSS

CVE•added 2010/09/08 8:0 p.m.•114 views

CVE-2010-2798

The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified ot...

7.8CVSS7.3AI score0.00053EPSS

CVE•added 2010/09/08 8:0 p.m.•92 views

CVE-2010-2492

Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors.

7.8CVSS7.3AI score0.00031EPSS

CVE•added 2010/09/21 6:0 p.m.•91 views

CVE-2010-2942

The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related ...

5.5CVSS5.5AI score0.00022EPSS

CVE•added 2010/09/30 3:0 p.m.•88 views

CVE-2010-2943

The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned...

8.1CVSS7.2AI score0.02402EPSS

CVE•added 2009/11/16 7:30 p.m.•83 views

CVE-2009-3939

The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.

7.1CVSS6.4AI score0.00044EPSS

CVE•added 2020/11/13 1:15 a.m.•61 views

CVE-2020-7032

An XML external entity (XXE) vulnerability in Avaya WebLM admin interface allows authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. Affected versions of Avaya WebLM include: 7.0 through 7.1.3.6 and 8.0 through 8.1.2...

6.5CVSS6.3AI score0.005EPSS

CVE•added 2024/08/08 4:15 p.m.•48 views

CVE-2024-7477

A SQL injection vulnerability was found which could allow a command line interface (CLI) user with administrative privileges to execute arbitrary queries against the Avaya Aura System Manager database. Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer s...

6.7CVSS7.1AI score0.00095EPSS

CVE•added 2024/08/08 4:15 p.m.•39 views

CVE-2024-7480

An Improper access control vulnerability was found in Avaya Aura System Manager which could allow a command-line interface (CLI) user with administrative privileges to read arbitrary files on the system. Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer...

4.4CVSS4.5AI score0.00025EPSS