Avaya

139 tracked vulnerabilities.

CVE-2025-49186 MEDIUM
Avaya Media Server - Brute Force
Jun 12, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-1041 CRITICAL
Avaya Call Management System <20.0.1.0 - Command Injection
Jun 10, 2025
CVSS 9.9
EPSS 0.00
CVE-2024-12756 HIGH
Avaya Spaces - Info Disclosure
Feb 11, 2025
CVSS 7.3
EPSS 0.00
CVE-2024-12755 HIGH
Avaya Spaces - XSS
Feb 11, 2025
CVSS 7.9
EPSS 0.00
CVE-2024-7480 MEDIUM
Avaya Aura System Manager < 10.1.2 - Incorrect Privilege Assignment
Aug 08, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-7477 MEDIUM
Avaya Aura System Manager < 10.1.2 - SQL Injection
Aug 08, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-4197 CRITICAL
Avaya IP Office < 11.1.3.1 - Unrestricted File Upload
Jun 25, 2024
CVSS 9.9
EPSS 0.01
CVE-2024-4196 CRITICAL
Avaya IP Office <11.1.3.1 - RCE
Jun 25, 2024
CVSS 10.0
EPSS 0.01
CVE-2023-7031 MEDIUM
Avaya Aura Experience Portal < 8.1.2.0.0402 - Information Disclosure
Jan 17, 2024
CVSS 5.7
EPSS 0.00
CVE-2023-3722 HIGHNUCLEI
Avaya Aura Device Services < 8.1.4.0 - Unrestricted File Upload
Jul 19, 2023
CVSS 8.6
EPSS 0.51
CVE-2023-3527 MEDIUM
Avaya CMS Supervisor - Code Injection
Jul 18, 2023
CVSS 6.8
EPSS 0.00
CVE-2023-32218 MEDIUM
Avaya IX Workforce Engagement - Open Redirect
May 30, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-31187 MEDIUM
Avaya IX Workforce Engagement v15.2.7.1195 - Info Disclosure
May 30, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-31186 MEDIUM
Avaya IX Workforce Engagement <15.2.7.1195 - Info Disclosure
May 30, 2023
CVSS 5.3
EPSS 0.00
CVE-2022-38168 CRITICAL
Avaya Scopia Pathfinder <8.3.7.0.4 - Auth Bypass
Nov 03, 2022
CVSS 9.1
EPSS 0.00
CVE-2022-2249 HIGH
Avaya Aura Communication Manager - Improper Privilege Management
Oct 12, 2022
CVSS 7.7
EPSS 0.00
CVE-2022-2975 HIGH
Avaya Aura Application Enablement Ser... - Improper Privilege Management
Oct 06, 2022
CVSS 7.7
EPSS 0.00
CVE-2021-25657 HIGH
Avaya IP Office < 11.1 - Improper Privilege Management
Sep 02, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-25654 MEDIUM
Avaya Aura Device Services <8.1.4.0 - RCE
Jun 25, 2021
CVSS 6.2
EPSS 0.00
CVE-2021-25656 MEDIUM
Avaya Aura Experience Portal < 7.2.3 - XSS
Jun 24, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-25655 MEDIUM
Avaya Aura Experience Portal < 7.2.3 - Open Redirect
Jun 24, 2021
CVSS 4.4
EPSS 0.00
CVE-2021-25653 HIGH
Avaya Aura Appliance Virtualization Platform - Privilege Escalation
Jun 24, 2021
CVSS 8.0
EPSS 0.00
CVE-2021-25652 MEDIUM
Avaya Aura Appliance Virtualization Platform - Information Disclosure
Jun 24, 2021
CVSS 4.9
EPSS 0.00
CVE-2021-25651 HIGH
Avaya Aura Utility Services < 7.1.3 - Privilege Escalation
Jun 24, 2021
CVSS 8.0
EPSS 0.00
CVE-2021-25650 HIGH
Avaya Aura Utility Services < 7.1.3 - Privilege Escalation
Jun 24, 2021
CVSS 7.7
EPSS 0.00
Products
communication_manager 16 modular_messaging_message_storage_server 15 s8700 11 s8500 11 s8300 11 s8100 10 definity_one_media_server 10 converged_communications_server 10 aura_communication_manager 10 ip_office 9 aura_system_manager 9 ip600_media_servers 9 sip_enablement_services 8 intuity_audix 7 message_networking 6 aura_session_manager 6 s3400 6 messaging_storage_server 6 aura_system_platform 5 iq 5 aura_utility_services 4 aura_application_enablement_services 4 intuity_audix_lx 4 aura_presence_services 4 argent_office 4 aura_experience_portal 4 mn100 4 4602sw_ip_phone 4 meeting_exchange 3 libsafe 3
Quick Filters
Critical CVEs With Exploits In CISA KEV