A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated malicious user to execute arbitrary SQL commands and retrieve sensitive data related to other users on the system. Affected versions of Avaya Control Manager include 7.x and 8.0.x versions before 8.0.4.0. Unsupported versions not listed here were not evaluated.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
avaya control manager |