CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-15613

A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.9%

CVSS Severity

CVSS v3 Score 8.3

CVSS v2 Score 4.3

References

Products affected by CVE-2018-15613

Avaya » Aura Orchestration Designer » Version: 6.0

cpe:2.3:a:avaya:aura_orchestration_designer:6.0
Avaya » Aura Orchestration Designer » Version: 6.0.0.1002

cpe:2.3:a:avaya:aura_orchestration_designer:6.0.0.1002
Avaya » Aura Orchestration Designer » Version: 6.0.0.1103

cpe:2.3:a:avaya:aura_orchestration_designer:6.0.0.1103
Avaya » Aura Orchestration Designer » Version: 6.0.0.1301

cpe:2.3:a:avaya:aura_orchestration_designer:6.0.0.1301
Avaya » Aura Orchestration Designer » Version: 7.0

cpe:2.3:a:avaya:aura_orchestration_designer:7.0
Avaya » Aura Orchestration Designer » Version: 7.0.1

cpe:2.3:a:avaya:aura_orchestration_designer:7.0.1
Avaya » Aura Orchestration Designer » Version: 7.1

cpe:2.3:a:avaya:aura_orchestration_designer:7.1
Avaya » Aura Orchestration Designer » Version: 7.2

cpe:2.3:a:avaya:aura_orchestration_designer:7.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-15613

Products

Pricing

Contact Us