Avaya Call Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Avaya Call Management System.
By the Year
In 2026 there have been 0 vulnerabilities in Avaya Call Management System. Last year, in 2025 Call Management System had 1 security vulnerability published. Right now, Call Management System is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 9.80 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 6.80 |
It may take a day or so for new Call Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Avaya Call Management System Security Vulnerabilities
Avaya Call Mgt Sys remote cmd via web req (CVE-2025-1041) – 18.x, 19.x <19.2.0.7, 20.x <20.0.1.0
CVE-2025-1041
9.8 - Critical
- June 10, 2025
An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.
Avaya CMS CSV Injection Allows Admin Arbitrary Command Execution
CVE-2023-3527
6.8 - Medium
- July 18, 2023
A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which allows a user with administrative privileges to input crafted data which, when exported to a CSV file, may attempt arbitrary command execution on the system used to open the file by a spreadsheet software such as Microsoft Excel.
CSV Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Avaya Call Management System or by Avaya? Click the Watch button to subscribe.
