Security Advisories
Release Date 29th March 2021 Overview If users have the Access Control integration enabled, in the Users -> Roles dialog, there's a toggle called...
Tue, 30 Mar, 2021 at 9:27 AM
Release Date 18th March 2021. Overview Any logged in Ava Aware user could read and modify maps without having the appropriate site permissions. Affected...
Thu, 18 Mar, 2021 at 4:42 PM
Release Date 2nd March 2021. Overview A vulnerability in Ava Cloud made it possible for an unauthenticated attacker to create Ava Aware Cloud deployments...
Tue, 2 Mar, 2021 at 10:58 AM
Release Date 22nd February 2021. Overview Unsafe handling of RTP media streams can cause an out of memory crash loop in the RTP receiver and thus a DOS o...
Mon, 22 Feb, 2021 at 5:25 PM
Release Date 4th February 2021. Overview An attacker could perform denial-of-service attacks to Ava Aware, Ava Cameras, and Ava Cloud using unauthenticat...
Thu, 4 Feb, 2021 at 4:11 PM
Ava-368: Permissions not enforced on certain Ava Aware APIs
Release Date
18th January 2021.
Overview
Permissions were not correctly enforced on ce...
Mon, 18 Jan, 2021 at 4:40 PM
Ava-349: Denial of service vulnerability in Ava Aware on premise and Ava cameras Release Date 18th December 2020. Overview A vulnerability in a third pa...
Mon, 21 Dec, 2020 at 3:05 PM
Ava-350: Ava Cloud user able to escalate their privileges on Ava Aware
Release Date
18th December 2020.
Overview
An Ava Aware user that enters dep...
Fri, 18 Dec, 2020 at 6:31 PM
Ava-337: Hashed cloud backup password retrievable using the Ava Aware API
Release Date
18th December 2020.
Overview
An authenticated user can make...
Fri, 18 Dec, 2020 at 6:31 PM
Ava-345: Permissions not enforced for certain Ava Aware alarm APIs
Release Date
10th December 2020.
Overview
An Ava Aware user without the appropr...
Tue, 15 Dec, 2020 at 2:09 PM