Avaya one-X Communicator Weak Encryption

CVE-2019-7006

6.5MEDIUM

Key Information

Vendor: Avaya
Status: One-x Communicator
Vendor: CVE Published:; 26 February 2019

Summary

Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local attacker to decrypt sensitive information. Affected versions include all 6.2.x versions prior to 6.2 SP13.

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Risk change from: 5.5 to: 6.5 - (MEDIUM)
Feb 22, 2024
Vulnerability published.
Feb 26, 2019
Vulnerability Reserved.
Jan 28, 2019

Collectors

NVD DatabaseMitre Database

.