{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T21:30:41.063","vulnerabilities":[{"cve":{"id":"CVE-2025-1041","sourceIdentifier":"securityalerts@avaya.com","published":"2025-06-10T06:15:22.000","lastModified":"2025-07-30T17:59:01.643","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An improper input validation discovered in \n\nAvaya Call Management System\ncould allow an unauthorized \n\nremote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0."},{"lang":"es","value":"Una validación de entrada incorrecta detectada en Avaya Call Management System podría permitir un comando remoto no autorizado mediante una solicitud web especialmente manipulada. Las versiones afectadas incluyen la 18.x, la 19.x anterior a la 19.2.0.7 y la 20.x anterior a la 20.0.1.0."}],"metrics":{"cvssMetricV31":[{"source":"securityalerts@avaya.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"securityalerts@avaya.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:avaya:call_management_system:*:*:*:*:*:*:*:*","versionStartIncluding":"18.0.0.1","versionEndExcluding":"19.2.0.7","matchCriteriaId":"89DA48FC-066F-4C22-BD8D-6B7BF2E23759"},{"vulnerable":true,"criteria":"cpe:2.3:a:avaya:call_management_system:*:*:*:*:*:*:*:*","versionStartIncluding":"20.0","versionEndExcluding":"20.0.1.0","matchCriteriaId":"2BC9C41D-7B1F-496D-87B4-C687BED46C80"}]}]}],"references":[{"url":"https://support.avaya.com/css/public/documents/101093084","source":"securityalerts@avaya.com","tags":["Vendor Advisory"]}]}}]}