What is the avaya CNA?
avaya is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 45 CVE records since 2018.
How many CVEs has avaya published?
avaya has published 45 CVE records, including 7 in the last two years.
What is avaya's CVE data quality grade?
RadicalNotion.AI grades avaya's CVE data quality as A, with an overall completeness score of 98.4%. This reflects how consistently its CVE records include vendor (97.8%), product (97.8%), CVSS (100%), and CWE (97.8%) information.
What products does avaya publish CVEs for?
avaya most frequently publishes CVEs for IP Office, aura communication manager, Aura System Manager, equinox conferencing, aura utility services.
Which vendors does avaya cover?
avaya publishes CVEs across 2 distinct vendors, most often Avaya.
Is avaya actively publishing CVEs?
avaya is currently active, based on 7 CVEs in the last two years.
What is the average severity of avaya's CVEs?
The average CVSS base score across avaya's scored CVEs is 7.2.
How many critical CVEs has avaya published?
avaya has published 6 critical-severity CVEs and 19 high-severity CVEs.
Are any of avaya's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of avaya's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in avaya's CVEs?
avaya's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), CWE-611 (Improper Restriction of XML External Entity Reference), CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')).
How does avaya rank among CNAs?
By total CVE volume, avaya ranks #176 of 370 CNAs, and it reports more complete CVE records than 50% of all CNAs.
