CVE-2021-25649

Опубликовано: 24 июн. 2021

Источник: nvd

CVSS3: 4.9

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Utility Services. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged user. Affects all 7.x versions of Avaya Aura Utility Services

Ссылки

https://support.avaya.com/css/P8/documents/101072728
Vendor Advisory
https://support.avaya.com/css/P8/documents/101072728
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:avaya:aura_utility_services:*:*:*:*:*:*:*:*

Версия от 7.0 (включая) до 7.1.3 (включая)

EPSS

Процентиль: 44%

0.00211

Низкий

4.9 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

NVD-CWE-Other

Связанные уязвимости

GHSA-m4xq-6jrm-69q4

CVSS3: 5.5

github

больше 3 лет назад

** UNSUPPORTED WHEN ASSIGNED ** An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Utility Services. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged user. Affects all 7.x versions of Avaya Aura Utility Services.

EPSS

Процентиль: 44%

0.00211

Низкий

4.9 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

NVD-CWE-Other