Avaya Vulnérabilités

Chronologie

Taper

Not Defined	90
IP Phone Software	9
Virtualization Software	2
Application Server Software	2
Reporting Software	2

Produit

Avaya Communication Manager	14
Avaya IP Office	6
Avaya Aura Communication Manager	4
Avaya SIP Enablement Services	4
Avaya 4602SW IP Phone	4

Contre-mesures

Official Fix	48
Temporary Fix	0
Workaround	5
Unavailable	6
Not Defined	46

Exploitabilité

High	2
Functional	2
Proof-of-Concept	23
Unproven	11
Not Defined	67

Vecteur d'accès

Not Defined	0
Physical	0
Local	18
Adjacent	2
Network	85

Authentification

Not Defined	0
High	10
Low	34
None	61

Interaction de l'utilisateur

Not Defined	0
Required	15
None	90

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	2
≤4	5
≤5	10
≤6	29
≤7	20
≤8	23
≤9	8
≤10	8

CVSSv3 Temp

≤1	0
≤2	0
≤3	2
≤4	5
≤5	19
≤6	28
≤7	25
≤8	13
≤9	12
≤10	1

VulDB

≤1	0
≤2	1
≤3	2
≤4	12
≤5	11
≤6	26
≤7	17
≤8	25
≤9	3
≤10	8

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	5
≤7	8
≤8	3
≤9	4
≤10	5

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	3
≤7	8
≤8	6
≤9	3
≤10	2

Fournisseur

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 jour

<1k	17
<2k	48
<5k	38
<10k	2
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter aujourd'hui

<1k	103
<2k	1
<5k	1
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter le volume du marché

🔴 CTI Activités

Affected Products (62): 4602SW IP Phone (4), Argent Office (4), Aura (1), Aura Appliance Virtualization Platform Utilities (2), Aura Application Enablement Services (1), Aura Application Server 5300 (1), Aura Communication Manager (4), Aura Conferencing (1), Aura Device Services (2), Aura Experience Portal (2), Aura Experience Portal Manager (1), Aura Messaging (1), Aura Orchestration Designer (3), Aura System Platform (1), Aura Utility Services (3), Cajun P130 (2), Cajun P330 (2), Cajun P550R (1), Call Management System (1), Callback Assist (1), Communication Manager (14), Control Manager (1), Equinox Conferencing (3), Equinox Management (1), Fabric Connect Virtual Services Platform (1), G700 Media Gateway (1), IP Office (6), IP Office Application Server (1), IP Office Contact Center (2), IP Office Customer Call Reporter (2), IP Office Phone Manager (1), IP Office one-X Portal (2), IP Soft Phone (1), IP Softphone (1), IX Workforce Engagement (3), Interaction Center (1), Libsafe (2), Management System (1), Messaging Storage Server (2), Modular Messaging Message Storage Server (1), One-X Portal for IP Office (1), P330 (1), P580 (1), P880 (1), P882 (1), S87XX (1), S8300 (3), S8500 (2), SIP Enablement Services (4), Scopia Pathfinder 10 (1), Scopia Pathfinder 20 PTS (1), Secure Access Link Gateway (1), Session Border Controller for Enterprise (1), TN2602AP IP Media Resource 320 circuit pack (1), VoIP Handset (1), Vsu 7500 (1), WebLM (1), Wireless AP-6 (1), libsafe (1), one-X (3), one-X Communicator (1), pnremote (1)

Link to Vendor Website: https://www.avaya.com/

Publié	Base	Temp	Vulnérabilité	Prod	Exp	Con	EPSS	CTI	CVE
17/01/2024	4.5	4.5	Avaya Aura Experience Portal Manager divulgation de l'information	Inconnue	Not Defined	Official Fix	0.00045	0.03	CVE-2023-7031
20/07/2023	8.6	8.6	Avaya Aura Device Services Web Application elévation de privilèges	Inconnue	Not Defined	Not Defined	0.00196	0.03	CVE-2023-3722
19/07/2023	5.2	5.2	Avaya Call Management System elévation de privilèges	Inconnue	Not Defined	Not Defined	0.00054	0.04	CVE-2023-3527
31/05/2023	5.7	5.7	Avaya IX Workforce Engagement Redirect	Inconnue	Not Defined	Not Defined	0.00046	0.00	CVE-2023-32218
31/05/2023	5.4	5.4	Avaya IX Workforce Engagement divulgation de l'information	Inconnue	Not Defined	Not Defined	0.00049	0.02	CVE-2023-31187
31/05/2023	5.3	5.3	Avaya IX Workforce Engagement divulgation de l'information	Inconnue	Not Defined	Not Defined	0.00046	0.02	CVE-2023-31186
04/11/2022	7.3	7.3	Avaya Scopia Pathfinder 10/Scopia Pathfinder 20 PTS Login Page elévation de privilèges	Inconnue	Not Defined	Not Defined	0.00342	0.00	CVE-2022-38168
13/10/2022	7.0	7.0	Avaya Aura Communication Manager elévation de privilèges	Inconnue	Not Defined	Not Defined	0.00043	0.02	CVE-2022-2249
06/10/2022	6.2	6.2	Avaya Aura Application Enablement Services elévation de privilèges	Inconnue	Not Defined	Not Defined	0.00042	0.00	CVE-2022-2975
02/09/2022	8.3	8.1	Avaya IP Office elévation de privilèges	Inconnue	Not Defined	Official Fix	0.00042	0.02	CVE-2021-25657
26/06/2021	5.0	5.0	Avaya Aura Device Services elévation de privilèges	Inconnue	Not Defined	Not Defined	0.00042	0.00	CVE-2021-25654
24/06/2021	5.5	5.3	Avaya Aura Experience Portal System Service Menu Redirect	Inconnue	Not Defined	Official Fix	0.00078	0.00	CVE-2021-25655
24/06/2021	4.1	4.1	Avaya Aura Utility Services elévation de privilèges	Inconnue	Not Defined	Not Defined	0.00042	0.03	CVE-2021-25651
24/06/2021	4.1	4.1	Avaya Aura Utility Services elévation de privilèges	Inconnue	Not Defined	Not Defined	0.00042	0.03	CVE-2021-25650
24/06/2021	2.7	2.7	Avaya Aura Utility Services File Management divulgation de l'information	Inconnue	Not Defined	Not Defined	0.00042	0.00	CVE-2021-25649
24/06/2021	3.5	3.4	Avaya Aura Experience Portal Web Management cross site scripting	Inconnue	Not Defined	Official Fix	0.00054	0.00	CVE-2021-25656
24/06/2021	6.4	6.4	Avaya Aura Appliance Virtualization Platform Utilities elévation de privilèges	Virtualization Software	Not Defined	Not Defined	0.00042	0.00	CVE-2021-25653
24/06/2021	2.3	2.3	Avaya Aura Appliance Virtualization Platform Utilities File Management divulgation de l'information	Virtualization Software	Not Defined	Not Defined	0.00042	0.00	CVE-2021-25652
29/04/2021	6.3	6.0	Avaya Equinox Conferencing XML External Entity	Inconnue	Not Defined	Official Fix	0.00251	0.00	CVE-2020-7037
29/04/2021	7.3	7.0	Avaya Equinox Conferencing Management elévation de privilèges	Inconnue	Not Defined	Official Fix	0.00283	0.00	CVE-2020-7038
24/04/2021	6.3	6.0	Avaya Callback Assist XML External Entity	Inconnue	Not Defined	Official Fix	0.00135	0.00	CVE-2020-7036
24/04/2021	6.3	6.0	Avaya Aura Orchestration Designer Web-based User Interface XML External Entity	Inconnue	Not Defined	Official Fix	0.00135	0.00	CVE-2020-7035
24/04/2021	7.2	7.2	Avaya Session Border Controller for Enterprise Message elévation de privilèges	Inconnue	Not Defined	Not Defined	0.00125	0.07	CVE-2020-7034
13/11/2020	4.7	4.7	Avaya WebLM Admin Interface XML External Entity	Inconnue	Not Defined	Not Defined	0.01963	0.03	CVE-2020-7032
13/11/2020	4.4	4.3	Avaya Equinox Conferencing Unified Portal Client cross site scripting	Inconnue	Not Defined	Official Fix	0.00054	0.00	CVE-2020-7033

Avaya Vulnérabilités

Chronologie

Taper

Produit

Contre-mesures

Exploitabilité

Vecteur d'accès

Authentification

Interaction de l'utilisateur

C3BM Index

CVSSv3 Base

CVSSv3 Temp

VulDB

NVD

CNA

Fournisseur

Research

Exploiter 0 jour

Exploiter aujourd'hui

Exploiter le volume du marché

🔴 CTI Activités

🔒 Login Required

Do you know our Splunk app?