HIGH🇵🇱 Wersja polska

CVE-2019-7005

CVSS 7.5v3.1pub. 2020-08-07upd. 2024-11-21

A vulnerability was discovered in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 through 11.0.4.2.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Avaya Ip Office

    APP
    Avaya
    10.0 – 10.1.0.711.0 – 11.0.4.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-4197CRITICAL9.9PL ✓ten sam produkt

Unrestricted file upload umożliwiający RCE w Avaya IP Office (One-X)

CVE-2024-4196CRITICAL10.0PL ✓ten sam produkt

RCE poprzez improper input validation w Avaya IP Office (Web Control)

CVE-2017-11309CRITICAL9.6ten sam produkt

Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute ar...

CVE-2021-25657HIGH7.8ten sam produkt

A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may pot...

CVE-2016-5285HIGH7.5ten sam produkt

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL che...