Vulnerability Description
A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Affected versions of Avaya IP Office include 9.1 through 9.1 SP12, 10.0 through 10.0 SP7, and 10.1 through 10.1 SP2.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Avaya | Ip Office | 9.1 |
Related Weaknesses (CWE)
References
- https://downloads.avaya.com/css/P8/documents/101051984Vendor Advisory
- https://packetstormsecurity.com/files/149284/Avaya-one-X-9.x-10.0.x-10.1.x-Arbit
- https://downloads.avaya.com/css/P8/documents/101051984Vendor Advisory
- https://packetstormsecurity.com/files/149284/Avaya-one-X-9.x-10.0.x-10.1.x-Arbit
FAQ
What is CVE-2018-15610?
CVE-2018-15610 is a vulnerability with a CVSS score of 7.3 (HIGH). A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Affected versions of Avaya IP Office include 9.1 thr...
How severe is CVE-2018-15610?
CVE-2018-15610 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-15610?
Check the references section above for vendor advisories and patch information. Affected products include: Avaya Ip Office.