Описание
Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local attacker to decrypt sensitive information. Affected versions include all 6.2.x versions prior to 6.2 SP13.
Ссылки
- Third Party AdvisoryVDB Entry
- Release NotesVendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Release NotesVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:avaya:one-x_communicator:6.2:-:*:*:*:*:*:*
cpe:2.3:a:avaya:one-x_communicator:6.2:fp10:*:*:*:*:*:*
cpe:2.3:a:avaya:one-x_communicator:6.2:fp3:*:*:*:*:*:*
cpe:2.3:a:avaya:one-x_communicator:6.2:fp4:*:*:*:*:*:*
cpe:2.3:a:avaya:one-x_communicator:6.2:fp6:*:*:*:*:*:*
cpe:2.3:a:avaya:one-x_communicator:6.2:sp1:*:*:*:*:*:*
cpe:2.3:a:avaya:one-x_communicator:6.2:sp12:*:*:*:*:*:*
cpe:2.3:a:avaya:one-x_communicator:6.2:sp2:*:*:*:*:*:*
cpe:2.3:a:avaya:one-x_communicator:6.2:sp5:*:*:*:*:*:*
cpe:2.3:a:avaya:one-x_communicator:6.2:sp7:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00057
Низкий
6.5 Medium
CVSS3
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-327
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local attacker to decrypt sensitive information. Affected versions include all 6.2.x versions prior to 6.2 SP13.
EPSS
Процентиль: 18%
0.00057
Низкий
6.5 Medium
CVSS3
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-327