Avaya Latest Vulnerabilities

August 8

Avaya Aura System Manager CVSS Score: 8.8 Due to SQL Injection Vulnerability

CVE-2024-7477
AvayaAura System Manager6.7MEDIUM

Avaya Aura System Manager Vulnerability Allows Access to Arbitrary Files

CVE-2024-7480
AvayaAura System Manager4.4MEDIUM

June 25

Unrestricted File Upload Vulnerability Affects Avaya IP Office

CVE-2024-4197
AvayaIp Office9.9CRITICAL

Avaya IP Office Vulnerability Could Allow Remote Command Execution

CVE-2024-4196
AvayaIp Office10CRITICAL

January 17

Avaya Experience Portal Manager Insecure Direct Object Reference Vulnerabilities

CVE-2023-7031
AvayaExperience Portal Manager4.3MEDIUM

July 19

Avaya Aura Device Services Remote Code Execution

CVE-2023-3722
AvayaAura Device Services👾8.6HIGH

July 18

Avaya Call Management System CSV injection vulnerability

CVE-2023-3527
AvayaAvaya Call Management ...6.8MEDIUM

May 30

Avaya IX Workforce Engagement - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CVE-2023-32218
AvayaIX Workforce Engagement6.1MEDIUM

Avaya IX Workforce Engagement - User Enumeration - CWE-204: Observable Response Discrepancy

CVE-2023-31186
AvayaIX Workforce Engagement5.3MEDIUM

Avaya IX Workforce Engagement - CWE-522: Insufficiently Protected Credentials

CVE-2023-31187
AvayaIX Workforce Engagement6.5MEDIUM

November 3

CVE-2022-38168
AvayaScopia Pathfinder 10 P...9.1CRITICAL

October 12

Avaya Aura Communication Manager Privilege Escalation Vulnerabilities

CVE-2022-2249
AvayaAvaya Aura Communicati...7.7HIGH

October 6

Avaya Aura Application Enablement Services weak permissions in web application

CVE-2022-2975
AvayaAvaya Aura Application...7.7HIGH

September 2

Avaya IP Office Privilege Escalation Vulnerability

CVE-2021-25657
AvayaIp Office7.8HIGH

June 25

Avaya Aura Device Services Arbitrary Code Execution Vulnerability

CVE-2021-25654
AvayaAvaya Aura Devices Ser...6.2MEDIUM

June 24

Avaya Aura Experience Portal XSS vulnerabilities

CVE-2021-25656
AvayaProduct5.3MEDIUM

URL redirection to untrusted site possible in Avaya Aura Experience Portal

CVE-2021-25655
AvayaAvaya Experience Portal4.4MEDIUM

Avaya Aura Appliance Virtualization Platform Utilities Privilege Escalation Vulnerability

CVE-2021-25653
AvayaAvaya Aura Appliance V...8HIGH

Avaya Aura Appliance Virtualization Platform Utilities Sensitive Information Disclosure Vulnerability

CVE-2021-25652
AvayaAvaya Aura Appliance V...4.9MEDIUM

Avaya Aura Utility Services Privilege Escalation Vulnerability

CVE-2021-25651
AvayaAvaya Aura Utility Ser...7.8HIGH

Avaya Aura Utility Services Privilege Escalation Vulnerability

CVE-2021-25650
AvayaAvaya Aura Utility Ser...8.8HIGH

Avaya Utility Services Sensitive Information Disclosure Vulnerability

CVE-2021-25649
AvayaAvaya Aura Utility Ser...5.5MEDIUM

April 28

Avaya Equinox Conferencing XXE vulnerability

CVE-2020-7037
AvayaAvaya Meetings Server8.1HIGH

Avaya Meetings Server Information Disclosure vulnerability

CVE-2020-7038
AvayaAvaya Meetings Management7.5HIGH

April 23

XXE in Avaya Callback Assist Administration

CVE-2020-7036
AvayaCallback Assist8.1HIGH

XXE in Avaya Aura Orchestration Designer

CVE-2020-7035
AvayaAura Orchestration Des...8.1HIGH

Command injection in Avaya Session Border Controller for Enterprise

CVE-2020-7034
AvayaSession Border Control...7.2HIGH

November 13

Avaya WebLM Improper Restriction of XML External Entity Reference

CVE-2020-7032
AvayaWeblm6.5MEDIUM

Avaya Equinox Conferencing XSS

CVE-2020-7033
AvayaAvaya Equinox Conferen...6.3MEDIUM

August 11

Avaya Product System Management Interface Cross-Site Request Forgery Vulnerability

CVE-2020-7029
AvayaAvaya Aura Communicati...6.4MEDIUM

August 7

Unauthenticated Information Disclosure Vulnerability in IP Office

CVE-2019-7005
AvayaIp Office5.9MEDIUM

June 4

IPO Information Disclosure

CVE-2020-7030
AvayaIp Office5.5MEDIUM

February 28

Avaya Equinox Conferencing Management (iView) Directory Traversal Vulnerability

CVE-2019-7007
AvayaEquinox Conferencing M...7.5HIGH

December 12

Avaya IP Office XSS Vulnerability

CVE-2019-7004
AvayaIp Office Application ...6.4MEDIUM

July 31

Avaya Aura Conferencing XSS

CVE-2019-7000
AvayaAvaya Aura Conferencing5.9MEDIUM

July 11

ACM SQL Injection

CVE-2019-7003
AvayaAvaya Control Manager9.3CRITICAL

April 4

Avaya IPOCC WebUI SQL Injection

CVE-2019-7001
AvayaIp Office Contact Center9.9CRITICAL

February 26

Avaya one-X Communicator Weak Encryption

CVE-2019-7006
AvayaOne-x Communicator6.5MEDIUM

February 1

Communication Manager Denial of Service

CVE-2018-15617
AvayaCommunication Manager6.5MEDIUM

January 23

IP Office one-X Portal XSS

CVE-2018-15614
AvayaIp Office6.8MEDIUM

October 17

System Platform Web UI Deserialization

CVE-2018-15616
AvayaAvaya Aura® System Pla...9CRITICAL

September 27

Communication Manager Local Administrator PrivEsc

CVE-2018-15611
AvayaCommunication Manager6.3MEDIUM

September 24

CMS Supervisor Information Disclosure

CVE-2018-15615
AvayaCall Management System...7.2HIGH

September 21

Orchestration Designer Runtime Config XSS

CVE-2018-15613
AvayaOrchestration Designer8.3HIGH

Orchestration Designer Runtime Config CSRF

CVE-2018-15612
AvayaOrchestration Designer8.3HIGH

September 12

Improper access controls in IP Office one-X Portal

CVE-2018-15610
AvayaIp Office7.3HIGH

February 5

CVE-2018-6635
AvayaAura7.5HIGH

November 10

CVE-2017-12969
AvayaIp Office Contact Center8.8HIGH

CVE-2017-11309
AvayaIp Office9.6CRITICAL

January 23

CVE-2016-2783
AvayaVsp Operating System S...👾9.8CRITICAL

July 3

CVE-2011-5096
AvayaAura Application Serve...

CVE-2012-3811
AvayaIp Office Customer Cal...

August 5

CVE-2011-3008
AvayaSecure Access Link Gat...

April 10

CVE-2008-6709
AvayaSip Enablement Services

CVE-2008-6707
AvayaSip Enablement Services

CVE-2008-6708
AvayaCommunication Manager

CVE-2008-6710
AvayaCommunication Manager

CVE-2008-6711
AvayaCommunication Manager

CVE-2008-6706
AvayaSip Enablement Services

April 1

CVE-2008-6575
AvayaCommunication Manager

CVE-2008-6573
AvayaCommunication Manager

CVE-2008-6574
AvayaCommunication Manager

February 14

CVE-2008-6141
AvayaIp Soft Phone

CVE-2008-6140
AvayaOne-x

December 24

CVE-2008-5709
AvayaCommunication Manager

CVE-2008-5710
AvayaCommunication Manager

August 25

CVE-2008-3778
AvayaSip Enablement Services

CVE-2008-3777
AvayaSip Enablement Services

July 9

CVE-2008-3081
AvayaMessaging Storage Server

November 5

CVE-2007-5830
AvayaMessage Networking

October 18

CVE-2007-5556
AvayaVoip Handset

September 19

CVE-2007-3286
AvayaIp Soft Phone

June 21

CVE-2007-3319
Avaya4602sw Ip Phone

CVE-2007-3318
AvayaOne-x

CVE-2007-3320
Avaya4602sw Ip Phone

CVE-2007-3321
Avaya4602sw Ip Phone

CVE-2007-3317
AvayaOne-x

CVE-2007-3322
Avaya4602sw Ip Phone

March 16

CVE-2007-1490
AvayaCommunication Manager

CVE-2007-1491
AvayaS8500

March 9

CVE-2007-1367
AvayaS8710

February 15

CVE-2006-0718
AvayaVsu 2000

December 31

CVE-2005-2762
AvayaVpnremote

December 22

CVE-2005-4471
AvayaModular Messaging Mess...

December 16

CVE-2005-3253
AvayaWireless Ap-6

December 4

CVE-2005-3989
AvayaTn2602ap Ip Media Reso...

May 2

CVE-2005-1125
AvayaLibsafe👾

March 14

CVE-2005-0506
AvayaIp Soft Phone

December 31

CVE-2004-1050
AvayaIp600 Media Servers

December 23

CVE-2004-0842
AvayaDefinity One Media Server

CVE-2004-0841
AvayaDefinity One Media Server

December 21

CVE-2004-1307
AvayaInteractive Response

November 23

CVE-2004-0494
AvayaCvlan

August 18

CVE-2004-0839
AvayaDefinity One Media Server

August 6

CVE-2004-0215
AvayaDefinity One Media Server

CVE-2004-0201
AvayaDefinity One Media Server

CVE-2004-0205
AvayaDefinity One Media Server

CVE-2004-0212
AvayaDefinity One Media Server

October 28

CVE-2002-1229
AvayaCajun P880

July 8

CVE-2002-1448
AvayaCajun P330