PT-2022-15469 · Avaya · Avaya Communication Manager

Cezary Bak

Published

2022-10-12

Updated

2022-10-14

CVE-2022-2249

CVSS v3.1

7.7

High

Vector

AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Avaya Aura Communication Manager versions 8.0.0.0 through 8.1.3.3 Avaya Aura Communication Manager version 10.1.0.0

Description Privilege escalation related issues were discovered that may allow local administrative users to escalate their privileges.

Recommendations For Avaya Aura Communication Manager versions 8.0.0.0 through 8.1.3.3, update to a version that includes a fix for this issue. For Avaya Aura Communication Manager version 10.1.0.0, update to a version that includes a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2022-2249

Affected Products

Avaya Communication Manager

PT-2022-15469 · Avaya · Avaya Communication Manager

CVE-2022-2249

Weakness Enumeration

Related Identifiers

Affected Products

References · 4