CVE-2021-25654

High

An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute…

avaya·CWE-378·Published 2021-06-25

CVSS

7.8

EPSS

0.01

KEV

Exploits

cve.orgen

232 chars

An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 through 8.1.4.0 versions of Avaya Aura Device Services.

NVDen

232 chars

NVDes

246 chars

Se ha detectado una vulnerabilidad de ejecución de código arbitraria en Avaya Aura Device Services, que puede permitir a un usuario local ejecutar scripts especialmente diseñados. Afecta a versiones 7.0 hasta 8.1.4.0 de Avaya Aura Device Services

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H