First published: Mon Sep 24 2018(Updated: )
A vulnerability in the Supervisor component of Avaya Call Management System allows local administrative user to extract sensitive information from users connecting to a remote CMS host. Affected versions of CMS Supervisor include R17.0.x and R18.0.x.
Credit: securityalerts@avaya.com
Affected Software | Affected Version | How to fix |
---|---|---|
Avaya Call Management System Supervisor | =17.0.0 | |
Avaya Call Management System Supervisor | =18.0.1.0 | |
Avaya Call Management System Supervisor | =18.0.2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Avaya Call Management System vulnerability is CVE-2018-15615.
The severity of CVE-2018-15615 is high (4.4).
The Supervisor component of Avaya Call Management System is affected by CVE-2018-15615.
Affected versions of CMS Supervisor include R17.0.x and R18.0.x.
A local administrative user can exploit CVE-2018-15615 to extract sensitive information from users connecting to a remote CMS host.