PT-2018-13118 · Avaya · Avaya Aura Orchestration Designer

Giulio Comi

Published

2018-09-21

Updated

2019-10-09

CVE-2018-15612

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Avaya Aura Orchestration Designer versions prior to 7.2.1

Description A CSRF issue in the Runtime Config component could allow an attacker to modify administrative settings, including adding, changing, or removing them.

Recommendations For versions prior to 7.2.1, update to version 7.2.1 or later to resolve the issue.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2018-15612

Affected Products

Avaya Aura Orchestration Designer

PT-2018-13118 · Avaya · Avaya Aura Orchestration Designer

CVE-2018-15612

Weakness Enumeration

Related Identifiers

Affected Products

References · 3