Communication Manager Denial of Service

CVE-2018-15617

6.5MEDIUM

Key Information

Vendor
Avaya
Status
Communication Manager
Vendor
CVE Published:
1 February 2019

Summary

A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1.

Affected Version(s)

Communication Manager = 6.3.x

Communication Manager <= 7.1.3.2

Communication Manager <= 8.0.1

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.