CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-25655

A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 through 7.2.3 (without hotfix) and 8.0.0 (without hotfix).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.2%

CVSS Severity

CVSS v3 Score 4.4

CVSS v2 Score 5.8

References

https://downloads.avaya.com/css/P8/documents/101076234
https://downloads.avaya.com/css/P8/documents/101076234

Products affected by CVE-2021-25655

Avaya » Aura Experience Portal » Version: 7.1

cpe:2.3:a:avaya:aura_experience_portal:7.1
Avaya » Aura Experience Portal » Version: 8.0.0

cpe:2.3:a:avaya:aura_experience_portal:8.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-25655

Products

Pricing

Contact Us