CVE-2018-15611

Name of the Vulnerable Software and Affected Versions Avaya Aura Communication Manager versions 6.3.x through 7.1.3.0 Avaya Aura Communication Manager version 7.1.3.1 is not affected, so the range is prior to 7.1.3.1 for 7.x versions.

Description A vulnerability in the local system administration component can allow an authenticated, privileged user on the local system to gain root privileges.

Recommendations For Avaya Aura Communication Manager versions 6.3.x, update to version 7.1.3.1 or later. For Avaya Aura Communication Manager versions 7.x prior to 7.1.3.1, update to version 7.1.3.1 or later.