CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

avaya

aura_utility_services

4 known vulnerabilities · sorted by CVSS score

CVE-2021-25651

HIGH8.0

A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to escalate privileges. Affects all 7.x versions of Avaya Aura Utility Services

avaya / aura_utility_services

Network

Published Jun 24, 2021

CVE-2021-25650

HIGH7.7

A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. Affects all 7.x versions of Avaya Aura Utility Services

avaya / aura_utility_services

Network

Published Jun 24, 2021

CVE-2016-5285

HIGH7.5

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

mozilla / nss+98

Network

Published Nov 15, 2019

CVE-2021-25649

MEDIUM4.9

An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Utility Services. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged user. Affects all 7.x versions of Avaya Aura Utility Services

avaya / aura_utility_services

Network

Published Jun 24, 2021