{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-1041", "assignerOrgId": "9d670455-bdb5-4cca-a883-5914865f5d96", "state": "PUBLISHED", "assignerShortName": "avaya", "dateReserved": "2025-02-04T20:04:14.118Z", "datePublished": "2025-06-10T06:05:25.883Z", "dateUpdated": "2025-06-10T20:00:17.556Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Avaya Call Management System", "vendor": "Avaya", "versions": [{"lessThan": "19.2.0.7", "status": "affected", "version": "18.0", "versionType": "custom"}, {"lessThan": "20.0.1.0", "status": "affected", "version": "20.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Roberto Olivero"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Juan Ignacio Elola"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An <span style=\"background-color: rgb(255, 255, 255);\">improper input validation </span>discovered in \n\nAvaya Call Management System\ncould allow an unauthorized \n\nremote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.<br>"}], "value": "An improper input validation discovered in \n\nAvaya Call Management System\ncould allow an unauthorized \n\nremote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0."}], "impacts": [{"capecId": "CAPEC-253", "descriptions": [{"lang": "en", "value": "CAPEC-253 Remote Code Inclusion"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9d670455-bdb5-4cca-a883-5914865f5d96", "shortName": "avaya", "dateUpdated": "2025-06-10T06:05:25.883Z"}, "references": [{"url": "https://support.avaya.com/css/public/documents/101093084"}], "source": {"discovery": "EXTERNAL"}, "title": "Avaya Call Management System RCE vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-10T20:00:08.753222Z", "id": "CVE-2025-1041", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-10T20:00:17.556Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1041", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-10T20:00:08.753222Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-10T20:00:14.026Z"}}], "cna": {"title": "Avaya Call Management System RCE vulnerability", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Roberto Olivero"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Juan Ignacio Elola"}], "impacts": [{"capecId": "CAPEC-253", "descriptions": [{"lang": "en", "value": "CAPEC-253 Remote Code Inclusion"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Avaya", "product": "Avaya Call Management System", "versions": [{"status": "affected", "version": "18.0", "lessThan": "19.2.0.7", "versionType": "custom"}, {"status": "affected", "version": "20.0", "lessThan": "20.0.1.0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://support.avaya.com/css/public/documents/101093084"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An improper input validation discovered in \n\nAvaya Call Management System\ncould allow an unauthorized \n\nremote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.", "supportingMedia": [{"type": "text/html", "value": "An <span style=\"background-color: rgb(255, 255, 255);\">improper input validation </span>discovered in \n\nAvaya Call Management System\ncould allow an unauthorized \n\nremote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "9d670455-bdb5-4cca-a883-5914865f5d96", "shortName": "avaya", "dateUpdated": "2025-06-10T06:05:25.883Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1041", "state": "PUBLISHED", "dateUpdated": "2025-06-10T20:00:17.556Z", "dateReserved": "2025-02-04T20:04:14.118Z", "assignerOrgId": "9d670455-bdb5-4cca-a883-5914865f5d96", "datePublished": "2025-06-10T06:05:25.883Z", "assignerShortName": "avaya"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avaya:call_management_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "89DA48FC-066F-4C22-BD8D-6B7BF2E23759", "versionEndExcluding": "19.2.0.7", "versionStartIncluding": "18.0.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:call_management_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "2BC9C41D-7B1F-496D-87B4-C687BED46C80", "versionEndExcluding": "20.0.1.0", "versionStartIncluding": "20.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An improper input validation discovered in \n\nAvaya Call Management System\ncould allow an unauthorized \n\nremote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0."}, {"lang": "es", "value": "Una validaci\u00f3n de entrada incorrecta detectada en Avaya Call Management System podr\u00eda permitir un comando remoto no autorizado mediante una solicitud web especialmente manipulada. Las versiones afectadas incluyen la 18.x, la 19.x anterior a la 19.2.0.7 y la 20.x anterior a la 20.0.1.0."}], "id": "CVE-2025-1041", "lastModified": "2025-07-30T17:59:01.643", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "securityalerts@avaya.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-06-10T06:15:22.000", "references": [{"source": "securityalerts@avaya.com", "tags": ["Vendor Advisory"], "url": "https://support.avaya.com/css/public/documents/101093084"}], "sourceIdentifier": "securityalerts@avaya.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "securityalerts@avaya.com", "type": "Secondary"}]}

{}