Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveAvayaCVE-2020-7030
HistoryJun 04, 2020 - 12:15 a.m.

CVE-2020-7030

2020-06-0400:15:10
CWE-522
CWE-200
avaya
web.nvd.nist.gov
133
cve
2020
7030
info disclosure
ip office
web interface
vulnerability
nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

18.0%

JSON

A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 though 11.0.4.3.

Affected configurations

Nvd
Node
avayaip_officeRange10.010.1.0.7
OR
avayaip_officeRange11.011.0.4.2
OR
avayaip_officeMatch9.0-
OR
avayaip_officeMatch9.0sp1
OR
avayaip_officeMatch9.0sp10
OR
avayaip_officeMatch9.0sp11
OR
avayaip_officeMatch9.0sp12
OR
avayaip_officeMatch9.0sp2
OR
avayaip_officeMatch9.0sp3
OR
avayaip_officeMatch9.0sp4
OR
avayaip_officeMatch9.0sp5
OR
avayaip_officeMatch9.0sp6
OR
avayaip_officeMatch9.0sp7
OR
avayaip_officeMatch9.0sp8
OR
avayaip_officeMatch9.0sp9
OR
avayaip_officeMatch9.1-
OR
avayaip_officeMatch9.1sp1
OR
avayaip_officeMatch9.1sp10
OR
avayaip_officeMatch9.1sp11
OR
avayaip_officeMatch9.1sp12
OR
avayaip_officeMatch9.1sp3
OR
avayaip_officeMatch9.1sp4
OR
avayaip_officeMatch9.1sp5
OR
avayaip_officeMatch9.1sp6
OR
avayaip_officeMatch9.1sp7
OR
avayaip_officeMatch9.1sp8
OR
avayaip_officeMatch9.1sp9
VendorProductVersionCPE
avayaip_office*cpe:2.3:a:avaya:ip_office:*:*:*:*:*:*:*:*
avayaip_office9.0cpe:2.3:a:avaya:ip_office:9.0:-:*:*:*:*:*:*
avayaip_office9.0cpe:2.3:a:avaya:ip_office:9.0:sp1:*:*:*:*:*:*
avayaip_office9.0cpe:2.3:a:avaya:ip_office:9.0:sp10:*:*:*:*:*:*
avayaip_office9.0cpe:2.3:a:avaya:ip_office:9.0:sp11:*:*:*:*:*:*
avayaip_office9.0cpe:2.3:a:avaya:ip_office:9.0:sp12:*:*:*:*:*:*
avayaip_office9.0cpe:2.3:a:avaya:ip_office:9.0:sp2:*:*:*:*:*:*
avayaip_office9.0cpe:2.3:a:avaya:ip_office:9.0:sp3:*:*:*:*:*:*
avayaip_office9.0cpe:2.3:a:avaya:ip_office:9.0:sp4:*:*:*:*:*:*
avayaip_office9.0cpe:2.3:a:avaya:ip_office:9.0:sp5:*:*:*:*:*:*
Rows per page:
1-10 of 261

CNA Affected

[
  {
    "product": "IP Office",
    "vendor": "Avaya",
    "versions": [
      {
        "status": "affected",
        "version": "9.x"
      },
      {
        "lessThan": "10.1.0.8",
        "status": "affected",
        "version": "10.0",
        "versionType": "custom"
      },
      {
        "lessThan": "11.0.4.3",
        "status": "affected",
        "version": "11.0",
        "versionType": "custom"
      }
    ]
  }
]

Related

nvd 1
zdt 1
openvas 1
cvelist 1
prion 1
exploitdb 1
packetstorm 1
nvd
nvd
CVE-2020-7030
2020-06-04 00:15:10
zdt
zdt
Avaya IP Office 11 Insecure Transit / Password Disclosure Vulnerability
2020-06-08 00:00:00
openvas
openvas
Avaya IP Office 9.x < 10.1.0.8, 11.0 < 11.0.4.3 Information Disclosure Vulnerability
2020-06-09 00:00:00
cvelist
cvelist
CVE-2020-7030 IPO Information Disclosure
2020-06-03 23:45:14
prion
prion
Information disclosure
2020-06-04 00:15:00
exploitdb
exploitdb
Avaya IP Office 11 - Password Disclosure
2020-06-12 00:00:00
packetstorm
packetstorm
Avaya IP Office 11 Insecure Transit / Password Disclosure
2020-06-05 00:00:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

18.0%

JSON
Related for CVE-2020-7030
nvd1zdt1openvas1cvelist1prion1exploitdb1packetstorm1