Avaya Ip Office
7 CVEs affecting Avaya Ip Office. Latest disclosed: 2024-06-25. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-4196 | Critical | 10.0 | 2024-06-25 | An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web req… |
CVE-2024-4197 | Critical | 9.9 | 2024-06-25 | An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected… |
CVE-2021-25657 | High | 7.8 | 2022-09-02 | A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privilege… |
CVE-2018-15610 | High | 7.3 | 2018-09-12 | A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Affected ve… |
CVE-2018-15614 | Medium | 6.8 | 2019-01-23 | A vulnerability in the one-x Portal component of IP Office could allow an authenticated user to perform stored cross site scripting attacks via fields in the C… |
CVE-2019-7005 | Medium | 5.9 | 2020-08-07 | A vulnerability was discovered in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gai… |
CVE-2020-7030 | Medium | 5.5 | 2020-06-03 | A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain una… |