Avaya Aura Communication Manager Privilege Escalation Vulnerabilities

CVE-2022-2249

7.7HIGH

Key Information

Vendor: Avaya
Status: Avaya Aura Communication Manager
Vendor: CVE Published:; 12 October 2022

Summary

Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0.

Affected Version(s)

Avaya Aura Communication Manager = 10.1.0.0

Avaya Aura Communication Manager <= 8.1.3.3

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Risk change from: 6.7 to: 7.7 - (HIGH)
Aug 3, 2024
Vulnerability published.
Oct 12, 2022
Vulnerability Reserved.
Jun 29, 2022

Collectors

NVD DatabaseMitre Database