Communication Manager Local Administrator PrivEsc
CVE-2018-15611
6.3MEDIUM
Summary
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1.
Affected Version(s)
Communication Manager < 7.x*
Communication Manager < 6.3.x*
References
CVSS V3.1
Score:
6.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database