Vulnerabilities impacting supported product versions are listed in the following table as reported by Red Hat, Apache Tomcat and PostgreSQL security advisories. Refer to the Avaya Product Life Cycle Policy for information about supported product versions.
The severity is determined by the highest Common Vulnerability Scoring System (CVSS) score of the Common Vulnerabilities and Exposures (CVE) IDs listed in a vendor's security advisory. Refer to the Common Vulnerability Scoring System: Specification Document for additional information about CVSS score calculations.
Products listed in the Affected Products column have affected software installed as reported in the vendor security advisory.
The following links point to product security fix downloads. The Related Documents area on these pages provide a link to a product documentation which should contain specific details about security fixes. If a product/version does not exist in the below references, refer to the Avaya Support Portal. Search for Documents and/or Downloads using the Product Support drop down menu.
NOTE: Security Service Packs (SSP) MUST not be installed on software-only products.
An Avaya system product includes an Avaya provided operating system.
| Vendor Security Advisory | CVE(s) | Severity | Affected Product(s) |
|---|
httpd:2.4 security update (RHSA-2025:23732)
(Issued: 12/22/2025) | CVE-2025-55753
CVE-2025-58098
CVE-2025-65082
CVE-2025-66200
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
binutils security update (RHSA-2025:23382)
(Issued: 12/18/2025) | CVE-2025-11083
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Pending
|
curl security update (RHSA-2025:23383)
(Issued: 12/18/2025) | CVE-2025-9086
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Pending
|
container-tools:rhel8 security update (RHSA-2025:23374)
(Issued: 12/18/2025) | CVE-2025-58183
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
container-tools:rhel8 security update (RHSA-2025:23543)
(Issued: 12/18/2025) | CVE-2025-52881
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
python39:3.9 security update (RHSA-2025:23530)
(Issued: 12/18/2025) | CVE-2024-5642
CVE-2024-9287
CVE-2024-11168
CVE-2025-0938
CVE-2025-4138
CVE-2025-4330
CVE-2025-4435
CVE-2025-4516
CVE-2025-4517
CVE-2025-6069
CVE-2025-6075
CVE-2025-8291
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
firefox security update (RHSA-2025:23128)
(Issued: 12/11/2025) | CVE-2025-14321
CVE-2025-14322
CVE-2025-14323
CVE-2025-14324
CVE-2025-14325
CVE-2025-14328
CVE-2025-14329
CVE-2025-14330
CVE-2025-14331
CVE-2025-14333
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
mysql:8.4 security update (RHSA-2025:23137)
(Issued: 12/11/2025) | CVE-2025-53040
CVE-2025-53042
CVE-2025-53044
CVE-2025-53045
CVE-2025-53053
CVE-2025-53054
CVE-2025-53062
CVE-2025-53069
| Medium | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
mysql:8.0 security update (RHSA-2025:23134)
(Issued: 12/11/2025) | CVE-2025-53040
CVE-2025-53042
CVE-2025-53044
CVE-2025-53045
CVE-2025-53053
CVE-2025-53054
CVE-2025-53062
CVE-2025-53069
| Medium | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
luksmeta security update (RHSA-2025:23086)
(Issued: 12/11/2025) | CVE-2025-11568
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.2.x SSP16 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.2 SSP16 or later
|
tomcat security update (RHSA-2025:23048)
(Issued: 12/10/2025) | CVE-2025-31651
CVE-2025-55752
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending
|
webkit2gtk3 security update (RHSA-2025:22789)
(Issued: 12/08/2025) | CVE-2023-43000
CVE-2025-13502
CVE-2025-13947
CVE-2025-43392
CVE-2025-43419
CVE-2025-43421
CVE-2025-43425
CVE-2025-43427
CVE-2025-43429
CVE-2025-43430
CVE-2025-43431
CVE-2025-43432
CVE-2025-43434
CVE-2025-43440
CVE-2025-43443
CVE-2025-43458
CVE-2025-43480
CVE-2025-66287
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
kernel security update (RHSA-2025:22801)
(Issued: 12/08/2025) | CVE-2022-50543
CVE-2023-53401
CVE-2023-53539
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Pending
|
abrt security update (RHSA-2025:22760)
(Issued: 12/04/2025) | CVE-2025-12744
| High | - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.2.0.0 or later
|
go-toolset:rhel8 security update (RHSA-2025:22668)
(Issued: 12/03/2025) | CVE-2025-47906
CVE-2025-58183
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
gimp:2.8 security update (RHSA-2025:22417)
(Issued: 12/01/2025) | CVE-2025-10920
CVE-2025-10921
CVE-2025-10922
CVE-2025-10923
CVE-2025-10924
CVE-2025-10925
CVE-2025-10934
| High | - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP31 or later
|
kernel security update (RHSA-2025:22388)
(Issued: 12/01/2025) | CVE-2023-53513
CVE-2025-38724
CVE-2025-39825
CVE-2025-39883
CVE-2025-39898
CVE-2025-39955
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Pending
|
firefox security update (RHSA-2025:22363)
(Issued: 12/01/2025) | CVE-2025-13012
CVE-2025-13013
CVE-2025-13014
CVE-2025-13015
CVE-2025-13016
CVE-2025-13017
CVE-2025-13018
CVE-2025-13019
CVE-2025-13020
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
cups security update (RHSA-2025:22063)
(Issued: 11/25/2025) | CVE-2025-58364
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.2.x SSP16 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.2 SSP16 or later
|
kernel security update (RHSA-2025:21917)
(Issued: 11/24/2025) | CVE-2025-39697
CVE-2025-39971
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Pending
|
kernel security update (RHSA-2025:21398)
(Issued: 11/17/2025) | CVE-2025-39718
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Pending
|
container-tools:rhel8 security update (RHSA-2025:21232)
(Issued: 11/13/2025) | CVE-2025-31133
CVE-2025-52565
CVE-2025-52881
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.2.x SSP16 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
libtiff security update (RHSA-2025:20034)
(Issued: 11/10/2025) | CVE-2025-8176
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.2.x SSP16 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.2 SSP16 or later
|
kernel security update (RHSA-2025:19931)
(Issued: 11/10/2025) | CVE-2022-50367
CVE-2023-53178
CVE-2025-40300
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Pending
|
bind security update (RHSA-2025:19835)
(Issued: 11/06/2025) | CVE-2025-40778
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.2.x SSP16 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.2 SSP16 or later
|
libsoup security update (RHSA-2025:19714)
(Issued: 11/04/2025) | CVE-2025-4945
CVE-2025-11021
| High | - Avaya CMS: R21.x, R20.x,
Resolution: Pending - Avaya Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Session Border Controller for Enterprise: 10.x,
Resolution: Pending
|
sssd security update (RHSA-2025:19610)
(Issued: 11/04/2025) | CVE-2025-11561
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.2 SSP16 or later
|
kernel security update (RHSA-2025:19447)
(Issued: 11/03/2025) | CVE-2023-53226
CVE-2023-53257
CVE-2025-39864
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Pending
|
kernel security update (RHSA-2025:19102)
(Issued: 10/27/2025) | CVE-2022-50386
CVE-2023-53297
CVE-2023-53386
CVE-2025-39817
CVE-2025-39841
CVE-2025-39849
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Pending
|
java-1.8.0-openjdk security update (RHSA-2025:18815)
(Issued: 10/23/2025) | CVE-2025-53057
CVE-2025-53066
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.2 SSP15 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.2 SSP16 or later
|
firefox security update (RHSA-2025:18285)
(Issued: 10/20/2025) | CVE-2025-11708
CVE-2025-11709
CVE-2025-11710
CVE-2025-11711
CVE-2025-11712
CVE-2025-11714
CVE-2025-11715
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
libssh security update (RHSA-2025:18286)
(Issued: 10/20/2025) | CVE-2025-5318
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.2.x SSP15 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.2 SSP15 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.2 SSP16 or later
|
kernel security update (RHSA-2025:18297)
(Issued: 10/20/2025) | CVE-2023-53373
CVE-2025-39751
CVE-2025-39757
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.2.x SSP15 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.2 SSP15 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.2 SSP16 or later
|
webkit2gtk3 security update (RHSA-2025:18070)
(Issued: 10/15/2025) | CVE-2025-43343
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
vim security update (RHSA-2025:17715)
(Issued: 10/09/2025) | CVE-2025-53905
CVE-2025-53906
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP37 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP36, 10.2.x SSP15 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP37, 10.2 SSP15 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP37, 10.2 SSP15 or later
|
open-vm-tools security update (RHSA-2025:17509)
(Issued: 10/07/2025) | CVE-2025-41244
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP37 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP36, 10.2.x SSP15 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP37 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP37, 10.2 SSP15 or later
|
gnutls security, bug fix, and enhancement update (RHSA-2025:17415)
(Issued: 10/07/2025) | CVE-2025-6395
CVE-2025-32988
CVE-2025-32990
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP37 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP36, 10.2.x SSP15 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP37, 10.2 SSP15 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP37, 10.2 SSP15 or later
|
kernel security update (RHSA-2025:16919)
(Issued: 09/29/2025) | CVE-2022-50087
CVE-2025-22026
CVE-2025-37797
CVE-2025-38718
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP37 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP36, 10.2.x SSP15 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP37, 10.2 SSP15 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP37, 10.2 SSP15 or later
|
mysql:8.0 security update (RHSA-2025:16861)
(Issued: 09/29/2025) | CVE-2025-21574
CVE-2025-21575
CVE-2025-21577
CVE-2025-21579
CVE-2025-21580
CVE-2025-21581
CVE-2025-21584
CVE-2025-21585
CVE-2025-30681
CVE-2025-30682
CVE-2025-30683
CVE-2025-30684
CVE-2025-30685
CVE-2025-30687
CVE-2025-30688
CVE-2025-30689
CVE-2025-30693
CVE-2025-30695
CVE-2025-30696
CVE-2025-30699
CVE-2025-30703
CVE-2025-30704
CVE-2025-30705
CVE-2025-30715
CVE-2025-30721
CVE-2025-30722
CVE-2025-50077
CVE-2025-50078
CVE-2025-50079
CVE-2025-50080
CVE-2025-50081
CVE-2025-50082
CVE-2025-50083
CVE-2025-50084
CVE-2025-50085
CVE-2025-50086
CVE-2025-50087
CVE-2025-50088
CVE-2025-50091
CVE-2025-50092
CVE-2025-50093
CVE-2025-50094
CVE-2025-50096
CVE-2025-50097
CVE-2025-50098
CVE-2025-50099
CVE-2025-50100
CVE-2025-50101
CVE-2025-50102
CVE-2025-50104
CVE-2025-53023
| Medium | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
openssh security update (RHSA-2025:16823)
(Issued: 09/26/2025) | CVE-2025-26465
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP37 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP36, 10.2.x SSP15 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP37, 10.2 SSP15 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP37, 10.2 SSP15 or later
|
thunderbird security update (RHSA-2025:16589)
(Issued: 09/24/2025) | CVE-2025-10527
CVE-2025-10528
CVE-2025-10529
CVE-2025-10532
CVE-2025-10533
CVE-2025-10536
CVE-2025-10537
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
firefox security update (RHSA-2025:16260)
(Issued: 09/22/2025) | CVE-2025-10527
CVE-2025-10528
CVE-2025-10529
CVE-2025-10532
CVE-2025-10533
CVE-2025-10536
CVE-2025-10537
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
kernel security update (RHSA-2025:16372)
(Issued: 09/22/2025) | CVE-2025-38461
CVE-2025-38498
CVE-2025-38556
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP37 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP36, 10.2.x SSP15 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP37, 10.2 SSP15 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP37, 10.2 SSP15 or later
|
container-tools:rhel8 security update (RHSA-2025:15904)
(Issued: 09/16/2025) | CVE-2025-9566
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP36, 10.2.x SSP15 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
kernel security update (RHSA-2025:15785)
(Issued: 09/15/2025) | CVE-2023-53125
CVE-2025-38350
CVE-2025-38392
CVE-2025-38449
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP37 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP36, 10.2.x SSP15 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP37, 10.2 SSP15 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP37, 10.2 SSP15 or later
|
cups security update (RHSA-2025:15702)
(Issued: 09/11/2025) | CVE-2025-58060
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP36 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP15 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP15 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP15 or later
|
php:8.2 security update (RHSA-2025:15687)
(Issued: 09/11/2025) | CVE-2024-8929
CVE-2024-11233
CVE-2024-11234
CVE-2025-1217
CVE-2025-1219
CVE-2025-1734
CVE-2025-1736
CVE-2025-1861
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP36 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP15 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
kernel security update (RHSA-2025:15471)
(Issued: 09/08/2025) | CVE-2022-49985
CVE-2025-38352
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP15 or later
|
httpd:2.4 security update (RHSA-2025:15123)
(Issued: 09/03/2025) | CVE-2024-47252
CVE-2025-23048
CVE-2025-49630
CVE-2025-49812
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.2.x SSP17 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
postgresql:12 security update (RHSA-2025:15115)
(Issued: 09/03/2025) | CVE-2025-8714
CVE-2025-8715
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1.0.0, 10.1.3.0, 10.2.0.0, 10.2.1.1 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
postgresql:15 security update (RHSA-2025:15022)
(Issued: 09/02/2025) | CVE-2025-8714
CVE-2025-8715
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
postgresql:13 security update (RHSA-2025:15021)
(Issued: 09/02/2025) | CVE-2025-8714
CVE-2025-8715
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
kernel security update (RHSA-2025:15008)
(Issued: 09/02/2025) | CVE-2025-38211
CVE-2025-38332
CVE-2025-38464
CVE-2025-38477
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.1.x.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later
|
udisks2 security update (RHSA-2025:15017)
(Issued: 09/02/2025) | CVE-2025-8067
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.1.x.x SSP14 or later - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later
|
aide security update (RHSA-2025:14573)
(Issued: 08/26/2025) | CVE-2025-54389
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.1.x.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later
|
python3 security update (RHSA-2025:14560)
(Issued: 08/26/2025) | CVE-2025-8194
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.1.x.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later
|
pam security update (RHSA-2025:14557)
(Issued: 08/26/2025) | CVE-2025-6020
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.1.x.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later
|
python-cryptography security update (RHSA-2025:14553)
(Issued: 08/26/2025) | CVE-2023-49083
| High | - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later
|
firefox security update (RHSA-2025:14442)
(Issued: 08/25/2025) | CVE-2025-9179
CVE-2025-9180
CVE-2025-9181
CVE-2025-9182
CVE-2025-9185
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
kernel security update (RHSA-2025:14438)
(Issued: 08/25/2025) | CVE-2025-22058
CVE-2025-38200
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.1.x.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later
|
libarchive security update (RHSA-2025:14135)
(Issued: 08/20/2025) | CVE-2025-5914
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.1.x.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later
|
pki-deps:10.6 security update (RHSA-2025:14126)
(Issued: 08/20/2025) | CVE-2025-52999
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending
|
kernel security update (RHSA-2025:13960)
(Issued: 08/18/2025) | CVE-2025-22097
CVE-2025-37914
CVE-2025-38250
CVE-2025-38380
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.1.x.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later
|
go-toolset:rhel8 security update (RHSA-2025:13940)
(Issued: 08/18/2025) | CVE-2025-4674
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
webkit2gtk3 security update (RHSA-2025:13780)
(Issued: 08/13/2025) | CVE-2025-6558
CVE-2025-31273
CVE-2025-31278
CVE-2025-43211
CVE-2025-43212
CVE-2025-43216
CVE-2025-43227
CVE-2025-43240
CVE-2025-43265
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
thunderbird security update (RHSA-2025:13676)
(Issued: 08/12/2025) | CVE-2025-8027
CVE-2025-8028
CVE-2025-8029
CVE-2025-8030
CVE-2025-8031
CVE-2025-8032
CVE-2025-8033
CVE-2025-8034
CVE-2025-8035
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
kernel security update (RHSA-2025:13589)
(Issued: 08/11/2025) | CVE-2021-47670
CVE-2024-56644
CVE-2025-21727
CVE-2025-21759
CVE-2025-38085
CVE-2025-38159
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP35, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.1.x.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP36, 10.2 SSP14 or later
|
gdk-pixbuf2 security update (RHSA-2025:13315)
(Issued: 08/07/2025) | CVE-2025-7345
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.1.x.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
glibc security update (RHSA-2025:12980)
(Issued: 08/05/2025) | CVE-2025-8058
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.1.x.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
kernel security update (RHSA-2025:12752)
(Issued: 08/04/2025) | CVE-2022-50020
CVE-2025-21928
CVE-2025-22020
CVE-2025-37890
CVE-2025-38052
CVE-2025-38079
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.1.x.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
libxml2 security update (RHSA-2025:12450)
(Issued: 07/31/2025) | CVE-2025-7425
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
unbound security update (RHSA-2025:11884)
(Issued: 07/28/2025) | CVE-2025-5994
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
kernel security update (RHSA-2025:11850)
(Issued: 07/28/2025) | CVE-2022-49977
CVE-2025-21905
CVE-2025-21919
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
perl security update (RHSA-2025:11805)
(Issued: 07/28/2025) | CVE-2025-40909
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
nodejs:22 security update (RHSA-2025:11803)
(Issued: 07/28/2025) | CVE-2025-6965
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
firefox security update (RHSA-2025:11747)
(Issued: 07/24/2025) | CVE-2025-8027
CVE-2025-8028
CVE-2025-8029
CVE-2025-8030
CVE-2025-8031
CVE-2025-8032
CVE-2025-8033
CVE-2025-8034
CVE-2025-8035
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
git security update (RHSA-2025:11534)
(Issued: 07/23/2025) | CVE-2024-50349
CVE-2024-52006
CVE-2025-27613
CVE-2025-27614
CVE-2025-46835
CVE-2025-48384
CVE-2025-48385
| High | - Avaya Aura® Device Services: 10.x,
Resolution: Pending
|
kernel security update (RHSA-2025:11455)
(Issued: 07/21/2025) | CVE-2024-50154
CVE-2025-38086
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
java-1.8.0-openjdk security update (RHSA-2025:10862)
(Issued: 07/18/2025) | CVE-2025-30749
CVE-2025-30754
CVE-2025-30761
CVE-2025-50106
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
kernel security update (RHSA-2025:11298)
(Issued: 07/16/2025) | CVE-2022-49058
CVE-2022-49788
CVE-2024-57980
CVE-2024-58002
CVE-2025-21991
CVE-2025-22004
CVE-2025-23150
CVE-2025-37738
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
lz4 security update (RHSA-2025:11035)
(Issued: 07/15/2025) | CVE-2019-17543
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
emacs security update (RHSA-2025:11030)
(Issued: 07/15/2025) | CVE-2024-53920
| High | - Avaya CMS: R21.x, R20.x,
Resolution: Pending - Avaya Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Device Services: 10.x,
Resolution: Pending - Avaya Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
python-setuptools security update (RHSA-2025:11036)
(Issued: 07/15/2025) | CVE-2025-47273
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
libxml2 security update (RHSA-2025:10698)
(Issued: 07/09/2025) | CVE-2025-6021
CVE-2025-49794
CVE-2025-49796
| Critical | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
go-toolset:rhel8 security update (RHSA-2025:10672)
(Issued: 07/09/2025) | CVE-2025-4673
| Medium | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
kernel security update (RHSA-2025:10669)
(Issued: 07/09/2025) | CVE-2022-49111
CVE-2022-49136
CVE-2022-49846
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
jq security update (RHSA-2025:10618)
(Issued: 07/08/2025) | CVE-2024-23337
CVE-2025-48060
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
container-tools:rhel8 security update (RHSA-2025:10551)
(Issued: 07/08/2025) | CVE-2025-6032
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
firefox security update (RHSA-2025:10074)
(Issued: 07/01/2025) | CVE-2025-6424
CVE-2025-6425
CVE-2025-6429
CVE-2025-6430
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
python3 security update (RHSA-2025:10128)
(Issued: 07/01/2025) | CVE-2024-12718
CVE-2025-4138
CVE-2025-4330
CVE-2025-4435
CVE-2025-4517
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
sudo security update (RHSA-2025:10110)
(Issued: 07/01/2025) | CVE-2025-32462
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
pam security update (RHSA-2025:10027)
(Issued: 07/01/2025) | CVE-2025-6020
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP14 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP14 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP14 or later
|
libblockdev security update (RHSA-2025:9878)
(Issued: 06/30/2025) | CVE-2025-6019
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP13 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP13 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP13 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP13 or later
|
kernel security update (RHSA-2025:9580)
(Issued: 06/25/2025) | CVE-2022-48919
CVE-2024-50301
CVE-2024-53064
CVE-2025-21764
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP13 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP34, 10.2.x SSP13 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP13 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP35, 10.2 SSP13 or later
|
gimp:2.8 security update (RHSA-2025:9165)
(Issued: 06/17/2025) | CVE-2025-5473
CVE-2025-48797
CVE-2025-48798
| High | - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP31 or later
|
container-tools:rhel8 security update (RHSA-2025:9142)
(Issued: 06/17/2025) | CVE-2025-22871
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP33, 10.2.x SSP12 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
kernel security update (RHSA-2025:8743)
(Issued: 06/10/2025) | CVE-2022-49395
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1.x SSP34, 10.2 SSP12 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP33, 10.2.x SSP12 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP12 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP12 or later
|
thunderbird security update (RHSA-2025:8756)
(Issued: 06/10/2025) | CVE-2025-3875
CVE-2025-3877
CVE-2025-3909
CVE-2025-3932
CVE-2025-4918
CVE-2025-4919
CVE-2025-5263
CVE-2025-5264
CVE-2025-5266
CVE-2025-5267
CVE-2025-5268
CVE-2025-5269
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
glibc security update (RHSA-2025:8686)
(Issued: 06/09/2025) | CVE-2025-4802
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1.x SSP34, 10.2 SSP12 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP33, 10.2.x SSP12 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP12 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP12 or later
|
libxslt security update (RHSA-2025:8676)
(Issued: 06/09/2025) | CVE-2023-40403
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1.x SSP34, 10.2 SSP12 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP33, 10.2.x SSP12 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP12 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP12 or later
|
nodejs:20 security update (RHSA-2025:8514)
(Issued: 06/04/2025) | CVE-2025-23166
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
nodejs:22 security update (RHSA-2025:8506)
(Issued: 06/04/2025) | CVE-2025-23166
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
go-toolset:rhel8 security update (RHSA-2025:8478)
(Issued: 06/04/2025) | CVE-2025-22871
| Medium | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
perl-CPAN security update (RHSA-2025:8432)
(Issued: 06/03/2025) | CVE-2020-16156
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1.x SSP34, 10.2 SSP12 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP33, 10.2.x SSP12 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP12 or later
|
ghostscript security update (RHSA-2025:8421)
(Issued: 06/03/2025) | CVE-2025-27832
| Medium | - Avaya CMS: R21.x, R20.x,
Resolution: Pending
|
python36:3.6 security update (RHSA-2025:8419)
(Issued: 06/03/2025) | CVE-2024-5629
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP27, 10.2 SSP10 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Install R21.0.0.0 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP29, 10.2.x SSP10 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP10 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Install 10.2.1.0 or later - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP30, 10.2 SSP10 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP30, 10.2 SSP10 or later
|
krb5 security update (RHSA-2025:8411)
(Issued: 06/03/2025) | CVE-2025-3576
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1.x SSP34, 10.2 SSP12 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP12 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP12 or later
|
git security update (RHSA-2025:8414)
(Issued: 06/03/2025) | CVE-2024-52005
| High | - Avaya Aura® Device Services: 10.x,
Resolution: Pending
|
firefox security update (RHSA-2025:8308)
(Issued: 05/29/2025) | CVE-2025-5263
CVE-2025-5264
CVE-2025-5266
CVE-2025-5267
CVE-2025-5268
CVE-2025-5269
| Medium | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
kernel security update (RHSA-2025:8246)
(Issued: 05/28/2025) | CVE-2024-43842
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1.x SSP34, 10.2 SSP12 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP33, 10.2.x SSP12 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP12 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP12 or later
|
gstreamer1-plugins-bad-free security update (RHSA-2025:8201)
(Issued: 05/27/2025) | CVE-2025-3887
| High | - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP33, 10.2.x SSP12 or later - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending
|
libsoup security update (RHSA-2025:8132)
(Issued: 05/26/2025) | CVE-2025-2784
CVE-2025-4948
CVE-2025-32049
CVE-2025-32914
| High | - Avaya CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Session Border Controller for Enterprise: 10.x,
Resolution: Pending
|
firefox security update (RHSA-2025:8060)
(Issued: 05/21/2025) | CVE-2025-4918
CVE-2025-4919
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
kernel security update (RHSA-2025:8056)
(Issued: 05/21/2025) | CVE-2024-40906
CVE-2024-44970
CVE-2025-21756
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1.x SSP34, 10.2 SSP12 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP33, 10.2.x SSP12 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP12 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP12 or later
|
compat-openssl10 security update (RHSA-2025:7895)
(Issued: 05/19/2025) | CVE-2023-0286
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1.x SSP34, 10.2 SSP11 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP33, 10.2.x SSP11 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
libjpeg-turbo security update (RHSA-2025:7540)
(Issued: 05/14/2025) | CVE-2020-13790
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1.x SSP34, 10.2 SSP11 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP33, 10.2.x SSP11 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP11 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later
|
kernel security update (RHSA-2025:7531)
(Issued: 05/14/2025) | CVE-2022-49011
CVE-2024-53141
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1.x SSP34, 10.2 SSP11 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP33, 10.2.x SSP11 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP34, 10.2 SSP11 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later
|
thunderbird security update (RHSA-2025:4797)
(Issued: 05/12/2025) | CVE-2025-2817
CVE-2025-4083
CVE-2025-4087
CVE-2025-4091
CVE-2025-4093
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
python39:3.9 security update (RHSA-2025:4791)
(Issued: 05/12/2025) | CVE-2022-2255
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
libtiff security update (RHSA-2025:4658)
(Issued: 05/07/2025) | CVE-2017-17095
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP32, 10.2.x SSP11 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later
|
thunderbird security update (RHSA-2025:4649)
(Issued: 05/07/2025) | CVE-2025-2830
CVE-2025-3522
CVE-2025-3523
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
nodejs:20 security update (RHSA-2025:4461)
(Issued: 05/05/2025) | CVE-2025-31498
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
nodejs:22 security update (RHSA-2025:4459)
(Issued: 05/05/2025) | CVE-2025-3277
CVE-2025-31498
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
firefox security update (RHSA-2025:4458)
(Issued: 05/05/2025) | CVE-2025-2817
CVE-2025-4083
CVE-2025-4087
CVE-2025-4091
CVE-2025-4093
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
ghostscript security update (RHSA-2025:4362)
(Issued: 04/30/2025) | CVE-2020-27792
CVE-2023-46751
CVE-2024-46951
CVE-2024-46952
CVE-2024-46953
CVE-2024-46954
CVE-2024-46956
| High | - Avaya CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later
|
thunderbird security update (RHSA-2025:4170)
(Issued: 04/24/2025) | CVE-2025-3028
CVE-2025-3029
CVE-2025-3030
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
libtasn1 security update (RHSA-2025:4049)
(Issued: 04/23/2025) | CVE-2024-12133
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP32, 10.2.x SSP11 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later
|
xmlrpc-c security update (RHSA-2025:4048)
(Issued: 04/23/2025) | CVE-2024-8176
| High | - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later
|
gnutls security update (RHSA-2025:4051)
(Issued: 04/23/2025) | CVE-2024-12243
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP32, 10.2.x SSP11 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later
|
webkit2gtk3 security update (RHSA-2025:3974)
(Issued: 04/17/2025) | CVE-2024-44192
CVE-2024-54467
CVE-2024-54551
CVE-2025-24208
CVE-2025-24209
CVE-2025-24216
CVE-2025-30427
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
java-17-openjdk security update (RHSA-2025:3852)
(Issued: 04/16/2025) | CVE-2025-21587
CVE-2025-30691
CVE-2025-30698
| High | - Avaya CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Session Border Controller for Enterprise: 10.x,
Resolution: Pending
|
expat security update (RHSA-2025:3913)
(Issued: 04/15/2025) | CVE-2024-8176
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP32, 10.2.x SSP11 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later
|
kernel security update (RHSA-2025:3893)
(Issued: 04/15/2025) | CVE-2024-53150
CVE-2024-53241
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP32, 10.2.x SSP11 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later
|
glibc security update (RHSA-2025:3828)
(Issued: 04/14/2025) | CVE-2025-0395
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP32, 10.2.x SSP11 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later
|
go-toolset:rhel8 security update (RHSA-2025:3772)
(Issued: 04/10/2025) | CVE-2024-45336
CVE-2024-45341
| Medium | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
tomcat security update (RHSA-2025:3683)
(Issued: 04/08/2025) | CVE-2024-50379
CVE-2025-24813
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.2.1.1 or later
|
libxslt security update (RHSA-2025:3615)
(Issued: 04/07/2025) | CVE-2024-55549
CVE-2025-24855
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP32, 10.2.x SSP11 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP11 or later
|
firefox security update (RHSA-2025:3582)
(Issued: 04/03/2025) | CVE-2025-3028
CVE-2025-3029
CVE-2025-3030
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
python-jinja2 security update (RHSA-2025:3388)
(Issued: 03/31/2025) | CVE-2025-27516
| High | - Avaya Session Border Controller for Enterprise: 10.x,
Resolution: Pending
|
kernel security update (RHSA-2025:3260)
(Issued: 03/26/2025) | CVE-2025-21785
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP10 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP32, 10.2.x SSP10 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP13 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP10 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP33, 10.2 SSP10 or later
|
container-tools:rhel8 security update (RHSA-2025:3210)
(Issued: 03/26/2025) | CVE-2025-22869
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP32, 10.2.x SSP10 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
kernel security update (RHSA-2025:3026)
(Issued: 03/19/2025) | CVE-2023-52922
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP10 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP31, 10.2.x SSP10 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP11 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP10 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP10 or later
|
thunderbird security update (RHSA-2025:2900)
(Issued: 03/17/2025) | CVE-2025-1937
CVE-2025-1938
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
webkit2gtk3 security update (RHSA-2025:2863)
(Issued: 03/17/2025) | CVE-2025-24201
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
rsync security update (RHSA-2025:2600)
(Issued: 03/11/2025) | CVE-2024-12087
CVE-2024-12088
CVE-2024-12747
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP10 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP31, 10.2.x SSP10 or later - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP10 or later
|
kernel security update (RHSA-2025:2473)
(Issued: 03/10/2025) | CVE-2024-50302
CVE-2024-53197
CVE-2024-57807
CVE-2024-57979
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP10 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP31, 10.2.x SSP10 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP11 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP10 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP10 or later
|
firefox security update (RHSA-2025:2452)
(Issued: 03/06/2025) | CVE-2025-1930
CVE-2025-1931
CVE-2025-1932
CVE-2025-1933
CVE-2025-1934
CVE-2025-1935
CVE-2025-1936
CVE-2025-1937
CVE-2025-1938
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
webkit2gtk3 security update (RHSA-2025:2034)
(Issued: 03/03/2025) | CVE-2024-54543
CVE-2025-24143
CVE-2025-24150
CVE-2025-24158
CVE-2025-24162
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
emacs security update (RHSA-2025:1917)
(Issued: 02/27/2025) | CVE-2025-1244
| High | - Avaya CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Communication Manager: 10.x,
Resolution: Install 10.1.x SSP31, 10.2.x SSP10 or later - Avaya Device Services: 10.x,
Resolution: Pending - Avaya Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya System Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP10 or later
|
postgresql:13 security update (RHSA-2025:1736)
(Issued: 02/20/2025) | CVE-2025-1094
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
libpq security update (RHSA-2025:1737)
(Issued: 02/20/2025) | CVE-2025-1094
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP11 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later
|
bind security update (RHSA-2025:1675)
(Issued: 02/19/2025) | CVE-2024-11187
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP31, 10.2.x SSP9 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP11 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later
|
mysql:8.0 security update (RHSA-2025:1673)
(Issued: 02/19/2025) | CVE-2024-5535
CVE-2024-7264
CVE-2024-11053
CVE-2024-21193
CVE-2024-21194
CVE-2024-21196
CVE-2024-21197
CVE-2024-21198
CVE-2024-21199
CVE-2024-21201
CVE-2024-21203
CVE-2024-21212
CVE-2024-21213
CVE-2024-21218
CVE-2024-21219
CVE-2024-21230
CVE-2024-21231
CVE-2024-21236
CVE-2024-21237
CVE-2024-21238
CVE-2024-21239
CVE-2024-21241
CVE-2024-21247
CVE-2024-37371
CVE-2025-21490
CVE-2025-21491
CVE-2025-21494
CVE-2025-21497
CVE-2025-21500
CVE-2025-21501
CVE-2025-21503
CVE-2025-21504
CVE-2025-21505
CVE-2025-21518
CVE-2025-21519
CVE-2025-21520
CVE-2025-21521
CVE-2025-21522
CVE-2025-21523
CVE-2025-21525
CVE-2025-21529
CVE-2025-21531
CVE-2025-21534
CVE-2025-21536
CVE-2025-21540
CVE-2025-21543
CVE-2025-21546
CVE-2025-21555
CVE-2025-21559
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
libxml2 security update (RHSA-2025:1517)
(Issued: 02/17/2025) | CVE-2022-49043
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP31, 10.2.x SSP9 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP11 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later
|
nodejs:22 security update (RHSA-2025:1611)
(Issued: 02/17/2025) | CVE-2025-22150
CVE-2025-23083
CVE-2025-23085
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
nodejs:18 security update (RHSA-2025:1582)
(Issued: 02/17/2025) | CVE-2025-22150
CVE-2025-23085
| Medium | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
container-tools:rhel8 security update (RHSA-2025:1372)
(Issued: 02/13/2025) | CVE-2024-11218
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP31, 10.2.x SSP9 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
nodejs:20 security update (RHSA-2025:1351)
(Issued: 02/12/2025) | CVE-2025-22150
CVE-2025-23083
CVE-2025-23085
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Pending
|
kernel security update (RHSA-2025:1266)
(Issued: 02/11/2025) | CVE-2024-53104
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP31, 10.2.x SSP9 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP11 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later
|
gcc security update (RHSA-2025:1301)
(Issued: 02/11/2025) | CVE-2020-11023
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.2 SSP10 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Pending - Avaya Aura® Communication Manager: 10.x,
Resolution: Pending - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP11 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later
|
thunderbird security update (RHSA-2025:1292)
(Issued: 02/11/2025) | CVE-2025-0510
CVE-2025-1009
CVE-2025-1010
CVE-2025-1011
CVE-2025-1012
CVE-2025-1013
CVE-2025-1014
CVE-2025-1015
CVE-2025-1016
CVE-2025-1017
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
firefox security update (RHSA-2025:1283)
(Issued: 02/11/2025) | CVE-2025-1009
CVE-2025-1010
CVE-2025-1011
CVE-2025-1012
CVE-2025-1013
CVE-2025-1014
CVE-2025-1016
CVE-2025-1017
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
libsoup security update (RHSA-2025:0838)
(Issued: 01/30/2025) | CVE-2024-52531
| Critical | - Avaya CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Session Border Controller for Enterprise: 10.x,
Resolution: Pending
|
unbound security update (RHSA-2025:0837)
(Issued: 01/30/2025) | CVE-2024-1488
CVE-2024-8508
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP31, 10.2.x SSP9 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP11 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later
|
gimp:2.8 security update (RHSA-2025:0746)
(Issued: 01/28/2025) | CVE-2023-44442
CVE-2023-44443
CVE-2023-44444
| High | - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP31 or later
|
keepalived security update (RHSA-2025:0743)
(Issued: 01/28/2025) | CVE-2024-41184
| Medium | - Avaya Aura® Device Services: 10.x,
Resolution: Pending - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Install 10.1.2.0 or later
|
bzip2 security and bug fix update (RHSA-2025:0733)
(Issued: 01/28/2025) | CVE-2019-12900
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP31, 10.2.x SSP9 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP11 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP32, 10.2 SSP9 or later
|
java-17-openjdk security update for RHEL 8.6, 8.8, 8.10, 9.4 and 9.5 (RHSA-2025:0422)
(Issued: 01/22/2025) | CVE-2025-21502
| Medium | - Avaya CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Session Border Controller for Enterprise: 10.x,
Resolution: Pending
|
rsync security update (RHSA-2025:0325)
(Issued: 01/15/2025) | CVE-2024-12085
| High | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP31, 10.2 SSP9 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP30, 10.2.x SSP9 or later - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP31, 10.2 SSP9 or later
|
webkit2gtk3 security update (RHSA-2025:0145)
(Issued: 01/09/2025) | CVE-2024-54479
CVE-2024-54502
CVE-2024-54505
CVE-2024-54508
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
firefox security update (RHSA-2025:0144)
(Issued: 01/09/2025) | CVE-2025-0237
CVE-2025-0238
CVE-2025-0239
CVE-2025-0240
CVE-2025-0241
CVE-2025-0242
CVE-2025-0243
| High | - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates
|
python-requests security update (RHSA-2025:0012)
(Issued: 01/02/2025) | CVE-2024-35195
| Medium | - Avaya Aura® Application Enablement Services: 10.x,
Resolution: Install 10.1 SSP31, 10.2 SSP9 or later - Avaya Aura® CMS: R21.x, R20.x,
Resolution: Install R21.0.2.0 or later - Avaya Aura® Communication Manager: 10.x,
Resolution: Install 10.1.x SSP30, 10.2.x SSP9 or later - Avaya Aura® Device Services: 10.x,
Resolution: Install 10.x SSP11 or later - Avaya Aura® Experience Portal: 8.x,
Resolution: Install 8.x Latest Security Updates - Avaya Aura® Session Border Controller for Enterprise: 10.x,
Resolution: Pending - Avaya Aura® Session Manager: 10.x,
Resolution: Install 10.1 SSP31, 10.2 SSP9 or later - Avaya Aura® System Manager: 10.x,
Resolution: Install 10.1 SSP31, 10.2 SSP9 or later
|
Avaya software-only products operate on general-purpose operating systems. Occasionally, vulnerabilities may be discovered in the underlying operating system or applications that come with the operating system. These vulnerabilities may not impact the software-only product directly but may threaten the integrity of the underlying platform.
In the event an affected package is installed, review the Avaya product software-only RPM updates documentation before following the mitigation actions provided by the operating system vendor. DO NOT install Security Service Packs (SSP) on software-only products. Failure to follow these requirements may result in system breakage and may impact support agreements.
Avaya strongly recommends following networking and security best practices by implementing firewalls, ACLs, physical security or other appropriate access restrictions. Though Avaya believes such restrictions should always be in place, risk to Avaya products and the surrounding network from this potential vulnerability may be mitigated by ensuring these practices are implemented until such time as an Avaya provided product update or the recommended Avaya action is applied. Further restrictions as deemed necessary based on the customer's security policies may be required during this interim period, but the System Product operating system or application should not be modified unless the change is approved by Avaya. Making changes that are not approved may void the Avaya product service contract.
All information is believed to be correct at the time of publication, is provided "as is", and is applicable only to product versions eligible for manufacturer support in accordance with Avaya Product Life Cycle Policy. Avaya LLC., on behalf itself and its subsidiaries and affiliates (hereinafter collectively referred to as "Avaya"), disclaims all warranties, either extras or implied, including but not limited to the warranties of merchantability and fitness for a particular purpose and furthermore, Avaya makes no representations or warranties that the steps recommended will eliminate security or virus threats to customers' systems. In no event shall Avaya be liable for any damages whatsoever arising out of or in connection with the information or recommended action provided herein, including direct, indirect, incidental, statutory , consequential damages, loss of business profits or special damages, even if Avaya has been advised of the possibility of such damages.
The information provided here does not affect the support agreements in place for Avaya products. Support for Avaya products continues to be executed as per existing agreements with Avaya.
© 2025 Avaya Inc. All Rights Reserved. All trademarks identifying Avaya products by the ® or ™ are registered trademarks or trademarks, respectively, of Avaya Inc. All other trademarks are the property of their respective owners.