CVE-2020-7034

Summary

A command injection vulnerability in Avaya Session Border Controller for Enterprise could allow an authenticated, remote attacker to send specially crafted messages and execute arbitrary commands with the affected system privileges. Affected versions of Avaya Session Border Controller for Enterprise include 7.x, 8.0 through 8.1.1.x

Affected Software

VendorProductVersion RangeStatus
AvayaSession Border Controller for Enterprise7.xaffected
AvayaSession Border Controller for Enterprise8.0 <= 8.1.1.xaffected

Weaknesses

  • CWE-78: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

ADP Enrichment

CVE Program Container

Additional References

References