CVE-2021-25650

Опубликовано: 24 июн. 2021

Источник: nvd

CVSS3: 7.7

CVSS3: 8.8

CVSS2: 4.6

EPSS Низкий

Описание

A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. Affects all 7.x versions of Avaya Aura Utility Services

Ссылки

https://support.avaya.com/css/P8/documents/101072728
Vendor Advisory
https://support.avaya.com/css/P8/documents/101072728
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:avaya:aura_utility_services:*:*:*:*:*:*:*:*

Версия от 7.0 (включая) до 7.1.3 (включая)

EPSS

Процентиль: 45%

0.00225

Низкий

7.7 High

CVSS3

8.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-250

CWE-269

Связанные уязвимости

GHSA-66v6-qf5f-pgh2

CVSS3: 8.8

github

больше 3 лет назад

** UNSUPPORTED WHEN ASSIGNED ** A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. Affects all 7.x versions of Avaya Aura Utility Services.

EPSS

Процентиль: 45%

0.00225

Низкий

7.7 High

CVSS3

8.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-250

CWE-269