An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.
References
Link | Resource |
---|---|
https://download.avaya.com/css/public/documents/101076366 | Release Notes |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: avaya
Published: 2023-07-19T19:56:52.681Z
Updated: 2023-07-19T19:56:52.681Z
Reserved: 2023-07-17T19:33:59.907Z
Link: CVE-2023-3722
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-07-19T20:15:11.020
Modified: 2023-07-28T14:58:21.057
Link: CVE-2023-3722
JSON object: View
Redhat Information
No data.
CWE