CVE-2018-15611

A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1.

Published: Sep 28, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-15611
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.7
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
avaya / aura_communication_manager	7.0	7.1.3.1
avaya / aura_communication_manager	6.3.0.1	6.3.17.0.x

https://downloads.avaya.com/css/P8/documents/101052550

Vulnerability Database

289,599

CVE-2018-15611