Avaya Aura System Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Avaya Aura System Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2010-2943 — CVSS 8.1 (high): The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which…
CVE-2010-2492 — CVSS 7.8 (high): Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might…
CVE-2010-2798 — CVSS 7.8 (high): The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations…
CVE-2016-5285 — CVSS 7.5 (high): A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey /…
CVE-2009-3939 — CVSS 7.1 (high): The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows…
CVE-2020-7032 — CVSS 6.5 (medium): An XML external entity (XXE) vulnerability in Avaya WebLM admin interface allows authenticated users to read arbitrary files or conduct…
CVE-2024-7477 — CVSS 6.5 (medium): A SQL injection vulnerability was found which could allow a command line interface (CLI) user with administrative privileges to execute…
CVE-2010-2942 — CVSS 5.5 (medium): The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain…
CVE-2024-7480 — CVSS 4.2 (medium): An Improper access control vulnerability was found in Avaya Aura System Manager which could allow a command-line interface (CLI) user with…