IPO Information Disclosure

CVE-2020-7030

5.5MEDIUM

Key Information

Vendor
Avaya
Status
Ip Office
Vendor
CVE Published:
4 June 2020

Summary

A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 though 11.0.4.3.

Affected Version(s)

IP Office = 9.x

IP Office < 10.1.0.8

IP Office < 11.0.4.3

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.