Lucene search
HistorySep 02, 2022 - 1:15 a.m.
CVE-2021-25657
vulnerability
avaya
ip office
escalation
privileges
admin lite
usb creator
local user
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. This issue affects Admin Lite and USB Creator 11.1 Feature Pack 2 Service Pack 1 and earlier versions.
Affected configurations
Node
avayaip_officeRange<11.1
ORavayaip_officeMatch11.1-
ORavayaip_officeMatch11.1feature_pack1
ORavayaip_officeMatch11.1feature_pack1_service_pack1
ORavayaip_officeMatch11.1feature_pack2
ORavayaip_officeMatch11.1feature_pack2_service_pack1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| avaya | ip_office | * | cpe:2.3:a:avaya:ip_office:*:*:*:*:*:*:*:* |
| avaya | ip_office | 11.1 | cpe:2.3:a:avaya:ip_office:11.1:-:*:*:*:*:*:* |
| avaya | ip_office | 11.1 | cpe:2.3:a:avaya:ip_office:11.1:feature_pack1:*:*:*:*:*:* |
| avaya | ip_office | 11.1 | cpe:2.3:a:avaya:ip_office:11.1:feature_pack1_service_pack1:*:*:*:*:*:* |
| avaya | ip_office | 11.1 | cpe:2.3:a:avaya:ip_office:11.1:feature_pack2:*:*:*:*:*:* |
| avaya | ip_office | 11.1 | cpe:2.3:a:avaya:ip_office:11.1:feature_pack2_service_pack1:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2021-25657 Avaya IP Office Privilege Escalation Vulnerability
2022-09-02 01:05:08
prion
prion
Privilege escalation
2022-09-02 01:15:00
cve
cve
CVE-2021-25657
2022-09-02 01:15:07
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2021-25657