CVE-2021-25652: Avaya Aura Appliance Virtualization Platform Utilities Sensitive Information Disclosure Vulnerability
First published: Thu Jun 24 2021(Updated: )
An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Appliance Virtualization Platform Utilities (AVPU). This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be available to a privileged user. Affects versions 8.0.0.0 through 8.1.3.1 of AVPU.
Credit: securityalerts@avaya.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Avaya Aura Appliance Virtualization Platform | >=8.0.0.0<=8.1.3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this information disclosure vulnerability?
The vulnerability ID for this information disclosure vulnerability is CVE-2021-25652.
What is the affected software?
The affected software is Avaya Aura Appliance Virtualization Platform version 8.0.0.0 to 8.1.3.1.
What is the severity of this vulnerability?
The severity of this vulnerability is medium with a CVSS score of 5.5.
What is the impact of this vulnerability?
This vulnerability may potentially allow any local user to access system functionality and configuration information.
Is there a fix available for this vulnerability?
Yes, Avaya has released a security advisory which provides guidance on how to address this vulnerability.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/title
- agent/author
- agent/references
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/avaya
- canonical/avaya aura appliance virtualization platform
- version/avaya aura appliance virtualization platform/8.0.0.0
- version/avaya aura appliance virtualization platform/8.1.3.1