CVE-2022-2249

Summary

Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0.

Affected Software

VendorProductVersion RangeStatus
AvayaAvaya Aura Communication Manager10.1.0.0affected
AvayaAvaya Aura Communication Manager8.x <= 8.1.3.3affected

Weaknesses

  • CWE-269: CWE-269 Improper Privilege Management

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References