CVE-2018-15611

MEDIUM

Avaya Aura Communication Manager 6.3.0.1-6.3.16.9 & <7.1.3.1 - Privilege Escalation to Root

Title source: llm
STIX 2.1

Description

A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
https://downloads.avaya.com/css/P8/documents/101052550

Scores

CVSS v3 6.3
EPSS 0.0030
EPSS Percentile 21.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-284
Status published
Products (1)
avaya/aura_communication_manager 6.3.0.1 - 6.3.17.0
Published Sep 27, 2018
Tracked Since Feb 18, 2026