Avaya Aura Communication Manager Privilege Escalation Vulnerabilities

CVE-2022-2249

7.7HIGH

Key Information

Vendor
Avaya
Status
Avaya Aura Communication Manager
Vendor
CVE Published:
12 October 2022

Summary

Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0.

Affected Version(s)

Avaya Aura Communication Manager = 10.1.0.0

Avaya Aura Communication Manager <= 8.1.3.3

References

CVSS V3.1

Score:
7.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.