Avaya Aura Communication Manager vulnerabilities
2 known vulnerabilities affecting avaya/avaya_aura_communication_manager.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-2249MEDIUMCVSS 6.7v10.1.0.0≥ 8.x, ≤ 8.1.3.32022-10-12
CVE-2022-2249 [HIGH] CWE-269 CVE-2022-2249: Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager tha
Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0.
cvelistv5nvd
CVE-2020-7029HIGHCVSS 8.8v8.0.x≥ 7.0, ≤ 7.1.3.42020-08-11
CVE-2020-7029 [MEDIUM] CWE-352 CVE-2020-7029: A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged level of the authenticated user. Affected versions of
cvelistv5nvd