Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Avaya — Vulnerabilities & Security Advisories 47

Browse all 47 CVE security advisories affecting Avaya. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Avaya operates primarily as a provider of enterprise communication solutions, including unified communications, contact center software, and networking hardware. The vendor’s portfolio has historically been associated with a significant volume of security flaws, currently totaling 47 recorded Common Vulnerabilities and Exposures (CVEs). These vulnerabilities predominantly involve remote code execution, cross-site scripting, and privilege escalation issues, often stemming from inadequate input validation or improper access controls within web interfaces and administrative panels. Notable incidents include critical flaws in IP Office and Session Manager products that allowed unauthenticated attackers to gain system-level access or execute arbitrary commands. The high count of CVEs reflects a pattern of legacy code vulnerabilities and delayed patch cycles for older on-premise deployments. Security researchers emphasize the necessity of rigorous network segmentation and immediate application of vendor-provided patches to mitigate the risk of exploitation in these communication infrastructure components.

Found 2 results / 47Clear Filters
Top products by Avaya: IP Office IX Workforce Engagement Avaya Aura Utility Services Communication Manager Avaya Spaces Aura System Manager Avaya Call Management System Avaya Aura Appliance Virtualization Platform Utilities Avaya Aura Communication Manager Orchestration Designer IP Office Contact Center Call Management System Supervisor Experience Portal Manager Aura Device Services Avaya Aura® System Platform Avaya Aura Conferencing Avaya Aura Application Enablement Services Product Avaya Experience Portal Avaya Aura Devices Services Equinox Conferencing Management (iView) Avaya Control Manager Avaya Meetings Management Avaya Meetings Server Callback Assist Aura Orchestration Designer Session Border Controller for Enterprise Avaya Equinox Conferencing WebLM IP Office Application Server
CVE IDTitleCVSSSeverityPublished
CVE-2018-15612 Orchestration Designer Runtime Config CSRF — Orchestration DesignerCWE-352 8.8 -2018-09-21
CVE-2018-15613 Orchestration Designer Runtime Config XSS — Orchestration DesignerCWE-79 6.1 -2018-09-21

This page lists every published CVE security advisory associated with Avaya. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.