Avaya Aura Device Services vulnerabilities
2 known vulnerabilities affecting avaya/aura_device_services.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2023-3722P1CRITICALCVSS 9.8ExploitedPoC≤ 8.1.4.0fixed in 8.1.4.12023-07-19
CVE-2023-3722 [CRITICAL] CWE-434 CVE-2023-3722: An OS command injection vulnerability was found in the Avaya Aura Device Services Web application wh
An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.
nvd
CVE-2021-25654P3HIGHCVSS 7.8≥ 7.0, ≤ 8.1.4.02021-06-25
CVE-2021-25654 [HIGH] CWE-378 CVE-2021-25654: An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may pote
An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 through 8.1.4.0 versions of Avaya Aura Device Services.
nvd