CVE-2018-15612

Summary

A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could allow an attacker to add, change, or remove administrative settings. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.

Affected Software

VendorProductVersion RangeStatus
AvayaOrchestration DesignerAll versions up to 7.2.1affected

Weaknesses

  • CWE-352: CWE-352: Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References