Short Name |
APP:AVAYA-CCRWEBCLIENT-RCE |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Code Execution |
Release Date |
2012/10/30 |
Update Number |
2198 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the Avaya IP Office Customer Call Reporter. A successful attack can lead to arbitrary remote code execution within the context of the server.
Avaya IP Office Customer Call Reporter is prone to a remote code-execution vulnerability. Attackers can leverage this issue to execute arbitrary code with the privileges of the user running the affected application. Avaya IP Office Customer Call Reporter 7.0 and 8.0 are vulnerable; other versions may also be affected.