Avaya Aura Communication Manager 7.0 Service Pack 3

CPE Details

Avaya Aura Communication Manager 7.0 Service Pack 3
avaya
aura_communication_manager
7.0
2019-11-20
18h16 +00:00
2021-03-24
15h51 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:avaya:aura_communication_manager:7.0:sp3:*:*:*:*:*:*

Informations

Vendor

avaya

Product

aura_communication_manager

Version

7.0

Update

sp3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-7029 2020-08-11 23h05 +00:00 A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged level of the authenticated user. Affected versions of Communication Manager are 7.0.x, 7.1.x prior to 7.1.3.5 and 8.0.x. Affected versions of Messaging are 7.0.x, 7.1 and 7.1 SP1.
8.8
High
CVE-2016-5285 2019-11-15 14h44 +00:00 A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
7.5
High
CVE-2018-15617 2019-02-01 14h00 +00:00 A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1.
7.5
High
CVE-2018-15611 2018-09-27 23h00 +00:00 A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1.
6.7
Medium