Avaya IX Workforce Engagement - User Enumeration - CWE-204: Observable Response Discrepancy
CVE-2023-31186

5.3MEDIUM

Key Information:

Vendor: Avaya
Status: IX Workforce Engagement
Vendor: CVE Published:; 30 May 2023

Summary

Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy

Affected Version(s)

IX Workforce Engagement Update to the latest version

References

https://www.gov.il/en/Departments/faq/cve_advisories

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 30, 2023
Vulnerability Reserved
Apr 24, 2023

Credit

Dudu Moyal, Gad Abuhatziera, Moriel Harush

.