SECURITY ADVISORY

AVAYA Cloud is aware of the Spring4Shell vulnerability and has taken immediate steps to neutralize the risk.

Our Security Ops team has implemented mitigation and isolation across our Cloud Solutions for any exploit attempts of this CVE at Cloud Edge & Web Application Firewall (WAF).

Avaya CloudOps will continue to track this vulnerability and monitor the situation. Avaya will adjust our mitigation efforts if necessary as the situation evolves. We will provide status updates on a regular basis on this status page.

All Systems Operational
CPaaS Messaging ? Operational
Inbound SMS ? Operational
Inbound MMS ? Operational
Outbound SMS ? Operational
Outbound MMS ? Operational
CPaaS Voice/API ? Operational
REST API Operational
General Infrastructure Operational
Lookups ? Operational
Dashboard ? Operational
Voice Operational
Phone Numbers ? Operational
Transcriptions ? Operational
Recordings Operational
SIP Trunking ? Operational
Inbound Calling ? Operational
Outbound Calling ? Operational
Media Processing Regions ? Operational
North America East ? Operational
North America Northeast Operational
North America West ? Operational
North America Central ? Operational
South America East Operational
Asia Southeast ? Operational
Asia Northeast Operational
Asia South ? Operational
Europe North Operational
Europe Central ? Operational
Europe West ? Operational
Oceania Operational
Asia Operational
Europe Operational
Spaces ? Operational
Dialing Operational
Messaging Operational
Live Meetings Operational
Media Processing ? Operational
Sign-In Operational
Mobile App Operational
Email Invites Operational
Calendar Integration Operational
Avaya Meeting Scheduler ? Operational
Screen share Operational
OneCloud Admin Portal ? Operational
Web portal ? Operational
US DC connectivity ? Operational
EU DC Connectivity ? Operational
Virtual Agent Studio ? Operational
UI - US East ? Operational
UI - US Central ? Operational
UI - Europe West ? Operational
API - US East ? Operational
API - US Central ? Operational
API - Europe West ? Operational
EndPoint - US East ? Operational
EndPoint - US Central ? Operational
EndPoint - Europe West ? Operational
WebChat - US East ? Operational
WebChat - US Central ? Operational
WebChat - Europe West ? Operational
OData - US East ? Operational
OData - US Central ? Operational
OData - Europe West ? Operational
CCaaS Public Omni ? Operational
Voice - North America (NA) Operational
Email - North America (NA) Operational
Chat - North America (NA) Operational
Messaging - North America (NA) Operational
Voice - South America (SA) Operational
Email - South America (SA) Operational
Chat - South America (SA) Operational
Messaging - South America (SA) Operational
Voice - Europe (EU) Operational
Email - Europe (EU) Operational
Chat - Europe (EU) Operational
Messaging - Europe (EU) Operational
Voice - United Kingdom (UK) Operational
Email - United Kingdom (UK) Operational
Chat - United Kingdom (UK) Operational
Messaging - United Kingdom (UK) Operational
Voice - AsiaPacific (APAC) Operational
Email - AsiaPacific (APAC) Operational
Chat - AsiaPacific (APAC) Operational
Messaging - AsiaPacific (APAC) Operational
Avaya Social Connections ? Operational
Facebook Operational
Twitter Operational
Instagram Operational
Core Operational
Admin Portal Operational
Agents/Widgets/Tools ? Operational
Virtual Agent ? Operational
SMCC Widget ? Operational
CX History ? Operational
Video consultation tool Operational
Recording Operational
Reporting Operational
Invites / Waiting Room Operational
Voice and SMS Operational
Meeting Operational
API Operational
Operational
Degraded Performance
Partial Outage
Major Outage
Maintenance
Scheduled Maintenance
Please be advised of the monthly maintenance window required for CCaaS Omni Drop 26 release to Prod-ASE Environment (Singapore/Asia Pacific regional Data Centre), which will cover feature and hotfix updates across Voice and Digital features, and Unified Client.

This planned maintenance does not require any downtime and is expected to be transparent to end users, however as the upgrade proceeds, users may experience short periods of degradation (e.g. reconnection notification at the agent desktop, short delay updating Real Time Displays, 2-5 secs delay presenting a contact to an agent) during the maintenance window timeframe. The timing of the maintenance window is planned to eliminate degradation as much as possible.

Full release notes will be published with a detailed overview of all items included in this release.

Posted on Sep 29, 2022 - 14:30 EDT
Please be advised of the monthly maintenance window required for CCaaS Omni Drop 27 release to Prod-UK Environment (United Kingdom Data Centre), which will cover feature and hotfix updates across Voice and Digital features, and Unified Client.

This planned maintenance does not require any downtime and is expected to be transparent to end users, however as the upgrade proceeds, users may experience short periods of degradation (e.g. reconnection notification at the agent desktop, short delay updating Real Time Displays, 2-5 secs delay presenting a contact to an agent) during the maintenance window timeframe. The timing of the maintenance window is planned to eliminate degradation as much as possible.

Full release notes will be published with a detailed overview of all items included in this release.

Posted on Sep 29, 2022 - 14:34 EDT
Please be advised of the monthly maintenance window required for CCaaS Omni Drop 27 release to Prod-NA Environment (North America Data Centre), which will cover feature and hotfix updates across Voice and Digital features, and Unified Client.

This planned maintenance does not require any downtime and is expected to be transparent to end users, however as the upgrade proceeds, users may experience short periods of degradation (e.g. reconnection notification at the agent desktop, short delay updating Real Time Displays, 2-5 secs delay presenting a contact to an agent) during the maintenance window timeframe. The timing of the maintenance window is planned to eliminate degradation as much as possible.

Full release notes will be published with a detailed overview of all items included in this release.

Posted on Sep 29, 2022 - 14:37 EDT
Update - We will be undergoing scheduled maintenance during this time.
Sep 29, 2022 - 14:44 EDT
Scheduled - Please be advised of the monthly maintenance window required for CCaaS Omni Drop 27 release to Prod-EU Environment (Europe/Middle East/ASIA (EMEA) Data Centre), which will cover feature and hotfix updates across Voice and Digital features, and Unified Client.

This planned maintenance does not require any downtime and is expected to be transparent to end users, however as the upgrade proceeds, users may experience short periods of degradation (e.g. reconnection notification at the agent desktop, short delay updating Real Time Displays, 2-5 secs delay presenting a contact to an agent) during the maintenance window timeframe. The timing of the maintenance window is planned to eliminate degradation as much as possible.

Full release notes will be published with a detailed overview of all items included in this release.

Sep 29, 2022 - 14:40 EDT
Please be advised of the monthly maintenance window required for CCaaS Omni Drop 27 release to Prod-SA Environment (South America Data Centre), which will cover feature and hotfix updates across Voice and Digital features, and Unified Client.

This planned maintenance does not require any downtime and is expected to be transparent to end users, however as the upgrade proceeds, users may experience short periods of degradation (e.g. reconnection notification at the agent desktop, short delay updating Real Time Displays, 2-5 secs delay presenting a contact to an agent) during the maintenance window timeframe. The timing of the maintenance window is planned to eliminate degradation as much as possible.

Full release notes will be published with a detailed overview of all items included in this release.

Posted on Sep 29, 2022 - 14:42 EDT
Past Incidents
Oct 2, 2022

No incidents reported today.

Oct 1, 2022

No incidents reported.

Sep 30, 2022

No incidents reported.

Sep 29, 2022

No incidents reported.

Sep 28, 2022
Resolved - The Video consultant tool is fixed .
Sep 28, 16:38 EDT
Investigating - We have a ongoing issue with the application wherein we are not able to login into the VCT application.
We are investigating the issue as this is related to cloud provider.

Sep 28, 14:34 EDT
Sep 27, 2022

No incidents reported.

Sep 26, 2022

No incidents reported.

Sep 25, 2022
Completed - The scheduled maintenance has been completed.
Sep 25, 11:30 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 25, 04:31 EDT
Update - Release Notes for the Drop 26 release is available at - https://download.avaya.com/css/public/documents/101083513
Sep 20, 11:43 EDT
Scheduled - Please be advised of the monthly maintenance window required for CCaaS Omni Drop 26 release to Prod-SA Environment, which will cover feature and hotfix updates across Voice and Digital features, and Unified Client.

This planned maintenance does not require any downtime and is expected to be transparent to end users, however as the upgrade proceeds, users may experience short periods of degradation (e.g. reconnection notification at the agent desktop, short delay updating Real Time Displays, 2-5 secs delay presenting a contact to an agent) during the maintenance window timeframe. The timing of the maintenance window is planned to eliminate degradation as much as possible.

Full release notes will be published with a detailed overview of all items included in this release.

Sep 14, 15:55 EDT
Completed - The scheduled maintenance has been completed.
Sep 25, 03:30 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 24, 20:30 EDT
Update - Release Notes for the Drop 26 release is available at - https://download.avaya.com/css/public/documents/101083513
Sep 20, 11:43 EDT
Scheduled - Please be advised of the monthly maintenance window required for CCaaS Omni Drop 26 release to Prod-EU Environment, which will cover feature and hotfix updates across Voice and Digital features, and Unified Client.

This planned maintenance does not require any downtime and is expected to be transparent to end users, however as the upgrade proceeds, users may experience short periods of degradation (e.g. reconnection notification at the agent desktop, short delay updating Real Time Displays, 2-5 secs delay presenting a contact to an agent) during the maintenance window timeframe. The timing of the maintenance window is planned to eliminate degradation as much as possible.

Full release notes will be published with a detailed overview of all items included in this release.

Sep 14, 15:51 EDT
Sep 24, 2022
Completed - The scheduled maintenance has been completed.
Sep 24, 08:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 24, 01:00 EDT
Update - Release Notes for the Drop 26 release is available at - https://download.avaya.com/css/public/documents/101083513
Sep 20, 11:42 EDT
Scheduled - Please be advised of the monthly maintenance window required for CCaaS Omni Drop 26 release to Prod-NA Environment, which will cover feature and hotfix updates across Voice and Digital features, and Unified Client.

This planned maintenance does not require any downtime and is expected to be transparent to end users, however as the upgrade proceeds, users may experience short periods of degradation (e.g. reconnection notification at the agent desktop, short delay updating Real Time Displays, 2-5 secs delay presenting a contact to an agent) during the maintenance window timeframe. The timing of the maintenance window is planned to eliminate degradation as much as possible.

Full release notes will be published with a detailed overview of all items included in this release.

Sep 14, 15:50 EDT
Sep 23, 2022
Completed - The scheduled maintenance has been completed.
Sep 23, 21:30 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 23, 14:30 EDT
Update - Release Notes for the Drop 26 release is available at - https://download.avaya.com/css/public/documents/101083513
Sep 20, 11:42 EDT
Scheduled - Please be advised of the monthly maintenance window required for CCaaS Omni Drop 26 release to Prod-UK Environment, which will cover feature and hotfix updates across Voice and Digital features, and Unified Client.

This planned maintenance does not require any downtime and is expected to be transparent to end users, however as the upgrade proceeds, users may experience short periods of degradation (e.g. reconnection notification at the agent desktop, short delay updating Real Time Displays, 2-5 secs delay presenting a contact to an agent) during the maintenance window timeframe. The timing of the maintenance window is planned to eliminate degradation as much as possible.

Full release notes will be published with a detailed overview of all items included in this release.

Sep 14, 15:48 EDT
Resolved -

We want to notify you of an upcoming New Feature enhancement for Email mailboxes, to configure with Microsoft OAuth2.0 Authentication.



Drop 26 introduces the ability to configure email mailboxes for Microsoft OAuth2.0 Authentication.
When a tenant administrator creates a new email mailbox, on the first connection attempt a pop-up window will appear to sign in to your Microsoft Office 365 account and grant access to Avaya’s CCaaS Application to access the mailbox.

In the case where this is the first time for Azure AD domain to consent access to Avaya CCaaS Application, approval from the Office365 Administrator of the domain will be required (required once per domain), a pop-up dialog will appear to the tenant administrator which includes the required access rights and a submit button to send the request from Microsoft to the IT administrator of their Organization (Office365 administrator) for approval.

In the case of subsequent activities to create a new mailbox or reconnect to the same mailbox, a dialog will appear to sign in to Microsoft office 365 account and grant access to the Avaya’s CCaaS App.

In the case where multiple existing mailboxes with different active directory accounts are changing from Custom (Basic Authentication) to Microsoft OAuth2.0 Authentication then approval for each active directory account is required by the Azure AD administrator.

The Impact of the Office365 administrator not approving this activity will lead to CCaaS not being able to authenticate these mailboxes resulting in email contacts not routing to agents.

Please Note: Microsoft will begin to enforce OAuth2 connectivity from Oct 1st, 2022.




Please find the links below for each of the region's maintenance window.


Prod-ASE Drop 26 Maintenance Window


Prod-UK Drop 26 Maintenance Window


Prod-NA Drop 26 Maintenance Window


Prod-EU Drop 26 Maintenance Window


Prod-SA Drop 26 Maintenance Window


For questions on this planned maintenance or if you need technical assistance, please log a support case through the Avaya OneCare portal and one of our support engineers will reach out to you.


Thank you
Avaya CCaaS Cloud Operations Team


Sep 23, 08:47 EDT
Sep 22, 2022
Completed - The scheduled maintenance has been completed.
Sep 22, 21:01 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 22, 14:00 EDT
Update - Release Notes for the Drop 26 release is available at - https://download.avaya.com/css/public/documents/101083513
Sep 20, 11:41 EDT
Scheduled - Please be advised of the monthly maintenance window required for CCaaS Omni Drop 26 release to Prod-ASE Environment, which will cover feature and hotfix updates across Voice and Digital features, and Unified Client.

This planned maintenance does not require any downtime and is expected to be transparent to end users, however as the upgrade proceeds, users may experience short periods of degradation (e.g. reconnection notification at the agent desktop, short delay updating Real Time Displays, 2-5 secs delay presenting a contact to an agent) during the maintenance window timeframe. The timing of the maintenance window is planned to eliminate degradation as much as possible.

Full release notes will be published with a detailed overview of all items included in this release.

Sep 14, 15:45 EDT
Completed - This scheduled maintenance has been completed.
Sep 22, 17:25 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 22, 15:30 EDT
Scheduled - Video Consultant Tool (VCT) Deployment - Maintenance Window
Please be advised of the monthly maintenance window required for the Video Consultant Tool (VCT) release to the Production Environment.

For the initial 2 hours of the maintenance window the application will be inaccessible. In the later half hour testing will be carried out and application will be available.

Full release notes will be published with a detailed overview of all items included in this release.

Sep 21, 12:14 EDT
Sep 21, 2022

No incidents reported.

Sep 20, 2022

No incidents reported.

Sep 19, 2022

No incidents reported.

Sep 18, 2022

No incidents reported.