A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. This issue affects Admin Lite and USB Creator 11.1 Feature Pack 2 Service Pack 1 and earlier versions.
References
| Link | Resource |
|---|---|
| https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0037/MNDT-2022-0037.md | Exploit Third Party Advisory |
| https://support.avaya.com/css/P8/documents/101083319 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Sep 2022, 19:48
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| CWE | NVD-CWE-Other | |
| References | (CONFIRM) https://support.avaya.com/css/P8/documents/101083319 - Patch, Vendor Advisory | |
| References | (MISC) https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0037/MNDT-2022-0037.md - Exploit, Third Party Advisory | |
| First Time |
Avaya
Avaya ip Office |
|
| CPE | cpe:2.3:a:avaya:ip_office:*:*:*:*:*:*:*:* cpe:2.3:a:avaya:ip_office:11.1:feature_pack1:*:*:*:*:*:* cpe:2.3:a:avaya:ip_office:11.1:-:*:*:*:*:*:* cpe:2.3:a:avaya:ip_office:11.1:feature_pack2:*:*:*:*:*:* cpe:2.3:a:avaya:ip_office:11.1:feature_pack1_service_pack1:*:*:*:*:*:* cpe:2.3:a:avaya:ip_office:11.1:feature_pack2_service_pack1:*:*:*:*:*:* |
06 Sep 2022, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
02 Sep 2022, 01:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-09-02 01:15
Updated : 2023-12-10 14:35
NVD link : CVE-2021-25657
Mitre link : CVE-2021-25657
CVE.ORG link : CVE-2021-25657
JSON object : View
Products Affected
avaya
- ip_office
CWE