SMGR-26896: SSL Authentication Bypass in Avaya Aura System Manager
CVE-2018-6635 · MEDIUM Severity
AV:N/AC:M/AU:S/C:P/I:P/A:P
System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote attackers to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896.
Learn more about our Web Application Penetration Testing UK.