Insecure Direct Object Reference vulnerabilities were...
Moderate severity
Unreviewed
Published
Jan 17, 2024
to the GitHub Advisory Database
•
Updated Feb 3, 2024
Description
Published by the National Vulnerability Database
Jan 17, 2024
Published to the GitHub Advisory Database
Jan 17, 2024
Last updated
Feb 3, 2024
Insecure Direct Object Reference vulnerabilities were discovered in the Avaya Aura Experience Portal Manager which may allow partial information disclosure to an authenticated non-privileged user. Affected versions include 8.0.x and 8.1.x, prior to 8.1.2 patch 0402. Versions prior to 8.0 are end of manufacturer support.
References