CVE-2019-7006 MEDIUM

CVE-2019-7006: Avaya one-X Communicator Weak Encryption

Vendor N/A
Product n/a
Published February 27, 2019
Last update September 16, 2024

CVSS base score

6.5/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L

What the vulnerability does

01Description

Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local attacker to decrypt sensitive information. Affected versions include all 6.2.x versions prior to 6.2 SP13.

Key dates

02Disclosure timeline

February 27, 2019 CVE published
September 16, 2024 Record updated