CVE-2020-7030

Summary

A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 though 11.0.4.3.

Affected Software

VendorProductVersion RangeStatus
AvayaIP Office9.xaffected
AvayaIP Office10.0 < 10.1.0.8affected
AvayaIP Office11.0 < 11.0.4.3affected

Weaknesses

  • CWE-522: CWE-522: Insufficiently Protected Credentials

ADP Enrichment

CVE Program Container

Additional References

References