CVE-2019-7005

Published: Aug 7, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A vulnerability was discovered in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 through 11.0.4.2.

Affected (2)

Products: Avaya: Ip Office

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Avaya Ip Office	From 10.0 to 10.1.0.7
Avaya Ip Office	From 11.0 to 11.0.4.2

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://downloads.avaya.com/css/P8/documents/101070158

Source: securityalerts@avaya.com

Vendor Advisory

https://downloads.avaya.com/css/P8/documents/101070158

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.