Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-7007

A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier. Successful exploitation could potentially allow an unauthenticated attacker to access files that are outside the restricted directory on the remote server.

Published

2020-02-28T22:15:10.553

Last Modified

2024-11-21T04:47:24.317

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-22
Type: Primary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	avaya	aura_conferencing	≤ 9.1.9.0	Yes

References

https://downloads.avaya.com/css/P8/documents/101064450 Patch, Vendor Advisory ([email protected])
https://downloads.avaya.com/css/P8/documents/101064450 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)