#VU10380 Security restrictions bypass in Avaya Aura System Manager - CVE-2018-6635

Cybersecurity Help s.r.o.

Published: 2018-02-06

Vulnerability identifier: #VU10380

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-6635

CWE-ID: CWE-287

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Avaya Aura System Manager
Client/Desktop applications / Software for system administration

Vendor: Avaya

Description
The vulnerability allows a remote attacker to bypass security restrictions.

The weakness exists due to the system improperly enforces SSL-based authentication over certain Remote Method Invocation (RMI) ports. A remote attacker can bypass RMI access controls on the target system.

Mitigation
Update to version 7.1.2.

Vulnerable software versions

Avaya Aura System Manager: 7.1 - 7.1.1.1

External links
https://downloads.avaya.com/css/P8/documents/101038598

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Security restrictions bypass in Avaya Aura System Manager