CVE-2020-7036

XXE in Avaya Callback Assist Administration

CVSS 8.1 HIGHEPSS 1.0%CWE-611

An XML External Entities (XXE)vulnerability in Callback Assist could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Callback Assist includes all 4.0.x versions before 4.7.1.1 Patch 7.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Productos afectados

Avaya · Callback Assist

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://downloads.avaya.com/css/P8/documents/101075450