First published: Fri Feb 28 2020(Updated: )
A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier. Successful exploitation could potentially allow an unauthenticated attacker to access files that are outside the restricted directory on the remote server.
Credit: securityalerts@avaya.com
Affected Software | Affected Version | How to fix |
---|---|---|
Avaya Aura Conferencing | >=9.0<=9.1.9.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The CVE ID of this vulnerability is CVE-2019-7007.
The affected software is Avaya Equinox Management(iView) versions R9.1.9.0 and earlier.
The severity of CVE-2019-7007 is high, with a severity value of 8.6.
Exploiting CVE-2019-7007 could potentially allow an unauthenticated attacker to access files that are outside the restricted directory on the remote server.
Please refer to the Avaya advisory at the following link for information on the fix: [Avaya Advisory](https://downloads.avaya.com/css/P8/documents/101064450)