CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
99.7%
Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code by uploading an executable file and then accessing it via a direct request.
Vendor | Product | Version | CPE |
---|---|---|---|
avaya | ip_office_customer_call_reporter | 7.0 | cpe:2.3:a:avaya:ip_office_customer_call_reporter:7.0:*:*:*:*:*:*:* |
avaya | ip_office_customer_call_reporter | 8.0 | cpe:2.3:a:avaya:ip_office_customer_call_reporter:8.0:*:*:*:*:*:*:* |