Avaya IP Office Vulnerability (CVE-2024-4196) / (CVE-2024-4197)

Schwenki · Jul 11, 2024

Hi,

I'm surprised that nobody has written anything about this security gap yet.

https://support.avaya.com/css/public/documents/101090768

If I understand correctly, only the Server Edition and application server are affected?

Tom

sizbut · Jul 11, 2024

...and?

Avaya looked at it, fixed it, announced the fix. That is the CVE process.

If you go to support.avaya.com, you can see the security advisories for any of the Avaya products you are supporting. If you have a account you can configure automatic notifications for new advisories (and for other types of documents).

Stuck in a never ending cycle of file copying.

Schwenki · Jul 11, 2024

My Qusetion is, is the 500v2 also affected?

As I understand it, only the SE, or?

2024-07-11_14_17_42-ASA-2024-001_Mozilla_Firefox_xii4hc.jpg

sizbut · Jul 11, 2024

Suggestion for the future. If that is your question, start by asking the question, not with "I'm surprised that nobody has written anything about this security gap yet" dramatics.

And the answer is no, the IP500 V2 doesn't run Linux so its not affected, except if hosting a UCM or an IP Office Application Server.

And for that the original answer still stands: Avaya looked at it, fixed it, announced the fix.

Stuck in a never ending cycle of file copying.

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Avaya IP Office Vulnerability (CVE-2024-4196) / (CVE-2024-4197)

Schwenki

Programmer

sizbut

Technical User

Schwenki

Programmer

sizbut

Technical User

Similar threads

Part and Inventory Search

Sponsor