Avaya

A SQL injection vulnerability was found which could

CVE-2024-7477 6.7 - Medium - August 08, 2024

A SQL injection vulnerability was found which could allow a command line interface (CLI) user with administrative privileges to execute arbitrary queries against the Avaya Aura System Manager database.  Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer support.

SQL Injection

An Improper access control vulnerability was found in Avaya Aura System Manager which could

CVE-2024-7480 4.4 - Medium - August 08, 2024

An Improper access control vulnerability was found in Avaya Aura System Manager which could allow a command-line interface (CLI) user with administrative privileges to read arbitrary files on the system. Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer support.

An improper input validation vulnerability was discovered in Avaya IP Office

CVE-2024-4196 9.8 - Critical - June 25, 2024

An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to 11.1.3.1.

An unrestricted file upload vulnerability in Avaya IP Office was discovered

CVE-2024-4197 9.8 - Critical - June 25, 2024

An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected versions include all versions prior to 11.1.3.1.

Unrestricted File Upload

Insecure Direct Object Reference vulnerabilities were discovered in the Avaya Aura Experience Portal Manager which may

CVE-2023-7031 4.3 - Medium - January 17, 2024

Insecure Direct Object Reference vulnerabilities were discovered in the Avaya Aura Experience Portal Manager which may allow partial information disclosure to an authenticated non-privileged user. Affected versions include 8.0.x and 8.1.x, prior to 8.1.2 patch 0402. Versions prior to 8.0 are end of manufacturer support.

Insecure Direct Object Reference / IDOR

An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could

CVE-2023-3722 9.8 - Critical - July 19, 2023

An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.

Unrestricted File Upload

A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which

CVE-2023-3527 6.8 - Medium - July 18, 2023

A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which allows a user with administrative privileges to input crafted data which, when exported to a CSV file, may attempt arbitrary command execution on the system used to open the file by a spreadsheet software such as Microsoft Excel.  

CSV Injection

Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CVE-2023-32218 6.1 - Medium - May 30, 2023

Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

Open Redirect

Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials

CVE-2023-31187 6.5 - Medium - May 30, 2023

Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials

Insufficiently Protected Credentials

Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy

CVE-2023-31186 5.3 - Medium - May 30, 2023

Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy

Side Channel Attack

Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager

CVE-2022-2249 6.7 - Medium - October 12, 2022

Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0.

Improper Privilege Management

A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement Services web application

CVE-2022-2975 6.7 - Medium - October 06, 2022

A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement Services web application, allowing an administrative user to modify accounts leading to execution of arbitrary code as the root user. This issue affects Application Enablement Services versions 8.0.0.0 through 8.1.3.4 and 10.1.0.0 through 10.1.0.1. Versions prior to 8.0.0.0 are end of manufacturing support and were not evaluated.

Incorrect Permission Assignment for Critical Resource

A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator

CVE-2021-25657 7.8 - High - September 02, 2022

A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. This issue affects Admin Lite and USB Creator 11.1 Feature Pack 2 Service Pack 1 and earlier versions.

An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services

CVE-2021-25654 7.8 - High - June 25, 2021

An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 through 8.1.4.0 versions of Avaya Aura Device Services.

An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Utility Services

CVE-2021-25649 5.5 - Medium - June 24, 2021

An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Utility Services. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged user. Affects all 7.x versions of Avaya Aura Utility Services

A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may

CVE-2021-25655 6.1 - Medium - June 24, 2021

A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 through 7.2.3 (without hotfix) and 8.0.0 (without hotfix).

Open Redirect

An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Appliance Virtualization Platform Utilities (AVPU)

CVE-2021-25652 5.5 - Medium - June 24, 2021

An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Appliance Virtualization Platform Utilities (AVPU). This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged user. Affects versions 8.0.0.0 through 8.1.3.1 of AVPU.

Exposure of Resource to Wrong Sphere

A privilege escalation vulnerability was discovered in Avaya Aura Appliance Virtualization Platform Utilities (AVPU)

CVE-2021-25653 7.8 - High - June 24, 2021

A privilege escalation vulnerability was discovered in Avaya Aura Appliance Virtualization Platform Utilities (AVPU) that may potentially allow a local user to escalate privileges. Affects 8.0.0.0 through 8.1.3.1 versions of AVPU.

Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could

CVE-2021-25656 5.4 - Medium - June 24, 2021

Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 through 7.2.3 (without hotfix) and 8.0.0 (without hotfix).

XSS

A privilege escalation vulnerability was discovered in Avaya Aura Utility Services

CVE-2021-25650 8.8 - High - June 24, 2021

A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. Affects all 7.x versions of Avaya Aura Utility Services

Improper Privilege Management

A privilege escalation vulnerability was discovered in Avaya Aura Utility Services

CVE-2021-25651 7.8 - High - June 24, 2021

A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to escalate privileges. Affects all 7.x versions of Avaya Aura Utility Services

Improper Privilege Management

An XML External Entities (XXE) vulnerability in Media Server component of Avaya Equinox Conferencing could allow an authenticated, remote attacker to gain read access to information

CVE-2020-7037 8.1 - High - April 28, 2021

An XML External Entities (XXE) vulnerability in Media Server component of Avaya Equinox Conferencing could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system or even potentially lead to a denial of service. The affected versions of Avaya Equinox Conferencing includes all 9.x versions before 9.1.11. Equinox Conferencing is now offered as Avaya Meetings Server.

XXE

A vulnerability was discovered in Management component of Avaya Equinox Conferencing

CVE-2020-7038 7.5 - High - April 28, 2021

A vulnerability was discovered in Management component of Avaya Equinox Conferencing that could potentially allow an unauthenticated, remote attacker to gain access to screen sharing and whiteboard sessions. The affected versions of Management component of Avaya Equinox Conferencing include all 3.x versions before 3.17. Avaya Equinox Conferencing is now offered as Avaya Meetings Server.

A command injection vulnerability in Avaya Session Border Controller for Enterprise could

CVE-2020-7034 8.8 - High - April 23, 2021

A command injection vulnerability in Avaya Session Border Controller for Enterprise could allow an authenticated, remote attacker to send specially crafted messages and execute arbitrary commands with the affected system privileges. Affected versions of Avaya Session Border Controller for Enterprise include 7.x, 8.0 through 8.1.1.x

Command Injection

An XML External Entities (XXE)vulnerability in the web-based user interface of Avaya Aura Orchestration Designer could allow an authenticated, remote attacker to gain read access to information

CVE-2020-7035 6.5 - Medium - April 23, 2021

An XML External Entities (XXE)vulnerability in the web-based user interface of Avaya Aura Orchestration Designer could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Orchestration Designer includes all 7.x versions before 7.2.3.

XXE

An XML External Entities (XXE)vulnerability in Callback Assist could allow an authenticated, remote attacker to gain read access to information

CVE-2020-7036 6.5 - Medium - April 23, 2021

An XML External Entities (XXE)vulnerability in Callback Assist could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Callback Assist includes all 4.0.x versions before 4.7.1.1 Patch 7.

XXE

An XML external entity (XXE) vulnerability in Avaya WebLM admin interface

CVE-2020-7032 6.5 - Medium - November 13, 2020

An XML external entity (XXE) vulnerability in Avaya WebLM admin interface allows authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. Affected versions of Avaya WebLM include: 7.0 through 7.1.3.6 and 8.0 through 8.1.2.

XXE

A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Client (web client) used in Avaya Equinox Conferencing can

CVE-2020-7033 5.4 - Medium - November 13, 2020

A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Client (web client) used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks. The affected versions of Equinox Conferencing includes all 9.x versions before 9.1.10.

XSS

A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging

CVE-2020-7029 8.8 - High - August 11, 2020

A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged level of the authenticated user. Affected versions of Communication Manager are 7.0.x, 7.1.x prior to 7.1.3.5 and 8.0.x. Affected versions of Messaging are 7.0.x, 7.1 and 7.1 SP1.

Session Riding

A vulnerability was discovered in the web interface component of IP Office

CVE-2019-7005 7.5 - High - August 07, 2020

A vulnerability was discovered in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 through 11.0.4.2.

A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office

CVE-2020-7030 5.5 - Medium - June 04, 2020

A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 though 11.0.4.3.

Information Disclosure

A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier

CVE-2019-7007 8.6 - High - February 28, 2020

A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier. Successful exploitation could potentially allow an unauthenticated attacker to access files that are outside the restricted directory on the remote server.

Directory traversal

A Cross-Site Scripting (XSS) vulnerability in the WebUI component of IP Office Application Server could

CVE-2019-7004 5.4 - Medium - December 12, 2019

A Cross-Site Scripting (XSS) vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information. All product versions 11.x are affected. Product versions prior to 11.0, including unsupported versions, were not evaluated.

XSS

A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may

CVE-2019-7000 6.1 - Medium - July 31, 2019

A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions prior to 8.0 SP14 (8.0.14). Prior versions not listed were not evaluated.

XSS

A SQL injection vulnerability in the reporting component of Avaya Control Manager could

CVE-2019-7003 10 - Critical - July 11, 2019

A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated attacker to execute arbitrary SQL commands and retrieve sensitive data related to other users on the system. Affected versions of Avaya Control Manager include 7.x and 8.0.x versions prior to 8.0.4.0. Unsupported versions not listed here were not evaluated.

SQL Injection

A SQL injection vulnerability in the WebUI component of IP Office Contact Center could

CVE-2019-7001 8.8 - High - April 04, 2019

A SQL injection vulnerability in the WebUI component of IP Office Contact Center could allow an authenticated attacker to retrieve or alter sensitive data related to other users on the system. Affected versions of IP Office Contact Center include all 9.x and 10.x versions prior to 10.1.2.2.2-11201.1908. Unsupported versions not listed here were not evaluated.

SQL Injection

Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component

CVE-2019-7006 5.5 - Medium - February 27, 2019

Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local attacker to decrypt sensitive information. Affected versions include all 6.2.x versions prior to 6.2 SP13.

Use of a Broken or Risky Cryptographic Algorithm

A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could

CVE-2018-15617 7.5 - High - February 01, 2019

A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1.

A vulnerability in the one-x Portal component of IP Office could allow an authenticated user to perform stored cross site scripting attacks via fields in the Conference Scheduler Service

CVE-2018-15614 5.4 - Medium - January 23, 2019

A vulnerability in the one-x Portal component of IP Office could allow an authenticated user to perform stored cross site scripting attacks via fields in the Conference Scheduler Service that could affect other application users. Affected versions of IP Office include 10.0 through 10.1 SP3 and 11.0 versions prior to 11.0 SP1.

XSS

A vulnerability in the Web UI component of Avaya Aura System Platform could allow a remote, unauthenticated user to perform a targeted deserialization attack

CVE-2018-15616 9.8 - Critical - October 17, 2018

A vulnerability in the Web UI component of Avaya Aura System Platform could allow a remote, unauthenticated user to perform a targeted deserialization attack that could result in remote code execution. Affected versions of System Platform includes 6.3.0 through 6.3.9 and 6.4.0 through 6.4.2.

Marshaling, Unmarshaling

A vulnerability in the local system administration component of Avaya Aura Communication Manager can

CVE-2018-15611 6.7 - Medium - September 27, 2018

A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1.

A vulnerability in the Supervisor component of Avaya Call Management System

CVE-2018-15615 4.4 - Medium - September 24, 2018

A vulnerability in the Supervisor component of Avaya Call Management System allows local administrative user to extract sensitive information from users connecting to a remote CMS host. Affected versions of CMS Supervisor include R17.0.x and R18.0.x.

Information Disclosure

A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user

CVE-2018-15613 6.1 - Medium - September 21, 2018

A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.

XSS

A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could

CVE-2018-15612 8.8 - High - September 21, 2018

A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could allow an attacker to add, change, or remove administrative settings. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.

Session Riding

A vulnerability in the one-X Portal component of Avaya IP Office

CVE-2018-15610 8.8 - High - September 12, 2018

A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Affected versions of Avaya IP Office include 9.1 through 9.1 SP12, 10.0 through 10.0 SP7, and 10.1 through 10.1 SP2.

Directory traversal

System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with authentication, which

CVE-2018-6635 7.5 - High - February 05, 2018

System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote attackers to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896.

Inadequate Encryption Strength

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application

CVE-2011-1229 - April 13, 2011

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

NULL Pointer Dereference

The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks

CVE-2010-2943 8.1 - High - September 30, 2010

The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.

Information Disclosure

The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which

CVE-2010-2942 5.5 - Medium - September 21, 2010

The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c.

Memory Leak

The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which

CVE-2010-2798 7.8 - High - September 08, 2010

The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c.

NULL Pointer Dereference