NotCVE - vendor:"Avaya" product:"Aura Communication Manager" version:" >= 6.0 <= 6.3.117.0"

3 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2018-15617 – Communication Manager Denial of Service

https://notcve.org/view.php?id=CVE-2018-15617

01 Feb 2019 — A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1. Una vulnerabilidad en el componente del proceso "capro" (Call Processor, procesador de llamadas) de Avaya Aura Communication Manager podría permitir a un usuario remoto no autenticado provocar una denegación de servicio (DoS). Las ver... • http://www.securityfocus.com/bid/106826 • CWE-399: Resource Management Errors •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

CVE-2018-15611 – Communication Manager Local Administrator PrivEsc

https://notcve.org/view.php?id=CVE-2018-15611

27 Sep 2018 — A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1. Una vulnerabilidad en el componente de administración del sistema local de Avaya Aura Communication Manager puede permitir que un usuario autenticado privilegiado en el sistema local obtenga privilegios root. Las versiones afectadas incluyen las 6.3.x y to... • https://downloads.avaya.com/css/P8/documents/101052550 • CWE-284: Improper Access Control •

CVSS: 7.5EPSS: 0%CPEs: 104EXPL: 0

CVE-2016-5285 – nss: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash

https://notcve.org/view.php?id=CVE-2016-5285

16 Nov 2016 — A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service. Existe una vulnerabilidad de desreferencia de puntero nulo en Mozilla Network Security Services debido a una falta de verificación NULL en PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, lo que podría permitir que un usuario malintencionado remoto cause una Deneg... • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html • CWE-476: NULL Pointer Dereference •