Avaya Call Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Avaya Call Management System.
By the Year
In 2025 there have been 1 vulnerability in Avaya Call Management System with an average score of 9.8 out of ten. Call Management System did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2025 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 1 | 9.80 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 6.80 |
It may take a day or so for new Call Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Avaya Call Management System Security Vulnerabilities
Avaya Call Mgt Sys remote cmd via web req (CVE-2025-1041) – 18.x, 19.x <19.2.0.7, 20.x <20.0.1.0
CVE-2025-1041
9.8 - Critical
- June 10, 2025
An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.
A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which
CVE-2023-3527
6.8 - Medium
- July 18, 2023
A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which allows a user with administrative privileges to input crafted data which, when exported to a CSV file, may attempt arbitrary command execution on the system used to open the file by a spreadsheet software such as Microsoft Excel.
CSV Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Avaya Call Management System or by Avaya? Click the Watch button to subscribe.
