Avaya Security Vulnerabilities (CVEs)
Track 10 security vulnerabilities affecting Avaya products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
An improper input validation vulnerability in Avaya Call Management System allows remote attackers to execute arbitrary commands via specially crafted...
Jun 10, 2025A Cross-Site Scripting (XSS) vulnerability in Avaya Spaces allows attackers to inject malicious scripts into web pages viewed by other users. This cou...
Feb 11, 2025An HTML injection vulnerability in Avaya Spaces allows attackers to inject malicious HTML content into web pages, potentially leading to information d...
Feb 11, 2025A SQL injection vulnerability in Avaya Aura System Manager allows CLI users with administrative privileges to execute arbitrary database queries. This...
Aug 8, 2024An improper input validation vulnerability in Avaya IP Office's Web Control component allows remote attackers to execute arbitrary commands or code vi...
Jun 25, 2024A local privilege escalation vulnerability in Avaya Aura Utility Services allows authenticated local users to execute arbitrary scripts with elevated ...
Jun 24, 2021This CVE describes a local privilege escalation vulnerability in Avaya Aura Appliance Virtualization Platform Utilities (AVPU) that allows authenticat...
Jun 24, 2021An XML External Entities (XXE) vulnerability in the Media Server component of Avaya Equinox Conferencing allows authenticated remote attackers to read...
Apr 28, 2021This CVE describes a command injection vulnerability in Avaya Session Border Controller for Enterprise that allows authenticated remote attackers to e...
Apr 23, 2021This XML External Entity (XXE) vulnerability in Avaya Callback Assist allows authenticated remote attackers to read files on the affected system by pr...
Apr 23, 2021Why Monitor Avaya Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 10+ known vulnerabilities affecting Avaya products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Avaya packages in under 60 seconds. No agents required - completely agentless scanning that works across Avaya deployments.
Free vulnerability database: Access detailed information about every Avaya CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Avaya CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
