CVE-2018-15611
MEDIUMAvaya Aura Communication Manager 6.3.0.1-6.3.16.9 & <7.1.3.1 - Privilege Escalation to Root
Title source: llmDescription
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://downloads.avaya.com/css/P8/documents/101052550
Scores
CVSS v3
6.3
EPSS
0.0030
EPSS Percentile
21.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-284
Status
published
Products (1)
avaya/aura_communication_manager
6.3.0.1 - 6.3.17.0
Published
Sep 27, 2018
Tracked Since
Feb 18, 2026