Vulnerability Database

300,445

Total vulnerabilities in the database

CVE-2018-15611

A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1.

Published: Sep 27, 2018
Updated: Nov 9, 2025
CVE: CVE-2018-15611
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
avaya / aura_communication_manager	7.0	7.1.3.1
avaya / aura_communication_manager	6.3.0.1	6.3.17.0.x

https://downloads.avaya.com/css/P8/documents/101052550

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo