CVEDB API

Vulnerabilities

Vulnerable Software

Avaya: >> Aura Utility Services >> 7.0.1.2 Security Vulnerabilities

CVE-2021-25649

An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Utility Services. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged user. Affects all 7.x versions of Avaya Aura Utility Services

CVSS Score

4.9

EPSS Score

0.001

Published

2021-06-24

CVE-2021-25650

A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. Affects all 7.x versions of Avaya Aura Utility Services

CVSS Score

7.7

EPSS Score

0.001

Published

2021-06-24

CVE-2021-25651

A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to escalate privileges. Affects all 7.x versions of Avaya Aura Utility Services

CVSS Score

8.0

EPSS Score

0.001

Published

2021-06-24

CVE-2016-5285

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

CVSS Score

7.5

EPSS Score

0.006

Published

2019-11-15

Page 1

Vulnerabilities

Vulnerable Software

Avaya: >> Aura Utility Services >> 7.0.1.2 Security Vulnerabilities

Products

Pricing

Contact Us