An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://download.avaya.com/css/public/documents/101076366 |
History
Tue, 22 Oct 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: avaya
Published: 2023-07-19T19:56:52.681Z
Updated: 2024-10-22T19:17:58.386Z
Reserved: 2023-07-17T19:33:59.907Z
Link: CVE-2023-3722
Vulnrichment
Updated: 2024-08-02T07:01:57.364Z
NVD
Status : Analyzed
Published: 2023-07-19T20:15:11.020
Modified: 2023-07-28T14:58:21.057
Link: CVE-2023-3722
Redhat
No data.