Communication Manager Local Administrator PrivEsc

CVE-2018-15611

6.3MEDIUM

Key Information

Vendor
Avaya
Status
Communication Manager
Vendor
CVE Published:
27 September 2018

Summary

A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1.

Affected Version(s)

Communication Manager < 7.x*

Communication Manager < 6.3.x*

References

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.