Avaya: >> Aura Device Services >> 8.1.4.0 Security Vulnerabilities
An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.
CVSS Score
8.6
EPSS Score
0.545
Published
2023-07-19
An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 through 8.1.4.0 versions of Avaya Aura Device Services.
CVSS Score
6.2
EPSS Score
0.002
Published
2021-06-25