VYPR

Aura Device Services

by Avaya

CVEs (2)

  • CVE-2023-3722Jul 19, 2023
    risk 0.04cvss epss 0.03

    An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.

  • CVE-2021-25654Jun 25, 2021
    risk 0.00cvss epss 0.01

    An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 through 8.1.4.0 versions of Avaya Aura Device Services.