CVE-2024-7477 - CERT CVE

  1. CVE-2024-7477

ID CVE-2024-7477
Sažetak A SQL injection vulnerability was found which could allow a command line interface (CLI) user with administrative privileges to execute arbitrary queries against the Avaya Aura System Manager database.  Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer support.
Reference
CVSS
Base: 6.7
Impact: 5.9
Exploitability:0.8
Pristup
VektorSloženostAutentikacija
LOCAL LOW HIGH
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje 11-09-2024 - 15:03
Objavljeno 08-08-2024 - 16:15