Avaya one-X Communicator Weak Encryption
CVE-2019-7006

6.5MEDIUM

Key Information:

Vendor: Avaya
Status: One-x Communicator
Vendor: CVE Published:; 26 February 2019

Summary

Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local attacker to decrypt sensitive information. Affected versions include all 6.2.x versions prior to 6.2 SP13.

References

http://www.securityfocus.com/bid/107175

vdb-entryx_refsource_BID

https://downloads.avaya.com/css/P8/documents/101055661

x_refsource_CONFIRM

https://downloads.avaya.com/css/P8/documents/101055601

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 26, 2019
Vulnerability Reserved
Jan 28, 2019