An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.
The vulnerability results from improper validation of input data (CWE-20) in the web request processing mechanism. An attacker with minimal authentication level can send a specially crafted HTTP request that will be processed by the application without proper sanitization. This results in the execution of unauthorized commands on the server side in the context of the Avaya Call Management System application.
An attacker can gain full control over the system, which includes violation of confidentiality, integrity and availability of data and services. The scope of the attack extends beyond the direct component (Scope: Changed), which creates a risk of lateral movement in the internal network.
Avaya Call Management System should be updated to version 19.2.0.7 or newer (for the 19.x branch) or to version 20.0.1.0 or newer (for the 20.x branch). For version 18.x, contact Avaya for further guidance. Details are available in the manufacturer's documentation at the address indicated in the references.
Avaya Call Management System in versions: 18.x (all), 19.x before 19.2.0.7 and 20.x before 20.0.1.0
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HAvaya Call Management System
APPAvaya18.0.0.1 – 19.2.0.7 (bez)20.0 – 20.0.1.0 (bez)
Related vulnerabilities
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL che...
A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application w...
RCE poprzez improper input validation w Avaya IP Office (Web Control)
Unrestricted file upload umożliwiający RCE w Avaya IP Office (One-X)
Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows...