Published: 04/06/2020 Updated: 09/06/2020

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

A sensitive information disclosure vulnerability exists in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 up to and including 10.1.0.7 and 11.0 though 11.0.4.3.

Vulnerable Product	Search on Vulmon	Subscribe to Product
avaya ip office 9.0
avaya ip office 9.1
avaya ip office

Avaya IP Office versions 9180 through 11 suffer from an insecure transit vulnerability that allows for password disclosure ...

CWE-200 https://downloads.avaya.com/css/P8/documents/101067493 http://packetstormsecurity.com/files/157957/Avaya-IP-Office-11-Insecure-Transit-Password-Disclosure.html http://seclists.org/fulldisclosure/2020/Jun/12 https://nvd.nist.gov https://packetstormsecurity.com/files/157957/Avaya-IP-Office-11-Insecure-Transit-Password-Disclosure.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-7030

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect