CVE-2024-7477
CVSS V2 None
CVSS V3 None
Description
A SQL injection vulnerability was found which could allow a command line interface (CLI) user with administrative privileges to execute arbitrary queries against the Avaya Aura System Manager database.
Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer support.
Overview
- CVE ID
- CVE-2024-7477
- Assigner
- avaya
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-08-08T16:02:43.125Z
- Last Modified Date
- 2024-08-08T16:02:43.125Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://download.avaya.com/css/public/documents/101091159 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-7477 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7477 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-08-09 13:08:32 | Added to TrackCVE |