A vulnerability was discovered in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 through 11.0.4.2.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NAvaya Ip Office
APPAvaya10.0 – 10.1.0.711.0 – 11.0.4.2
Related vulnerabilities
Unrestricted file upload umożliwiający RCE w Avaya IP Office (One-X)
RCE poprzez improper input validation w Avaya IP Office (Web Control)
Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute ar...
A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may pot...
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL che...