PT-2021-16730 · Avaya · Avaya Aura Appliance Virtualization Platform Utilities
Gerardo Iglesias
+1
·
Published
2021-06-24
·
Updated
2022-10-25
·
CVE-2021-25652
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Avaya Aura Appliance Virtualization Platform Utilities (AVPU) versions 8.0.0.0 through 8.1.3.1
Description
An information disclosure issue was discovered in the directory and file management of AVPU, potentially allowing any local user to access system functionality and configuration information that should only be available to a privileged user.
Recommendations
For versions 8.0.0.0 through 8.1.3.1, update to a version that contains a fix for this issue to prevent unauthorized access to system functionality and configuration information.
Fix
Information Disclosure
Exposure of Resource to Wrong Sphere
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Avaya Aura Appliance Virtualization Platform Utilities