Avaya: >> Aura Device Services Security Vulnerabilities
An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.
CVSS Score
8.6
EPSS Score
0.545
Published
2023-07-19
An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 through 8.1.4.0 versions of Avaya Aura Device Services.
CVSS Score
6.2
EPSS Score
0.002
Published
2021-06-25