CVE-2020-7030

Published Jun 4, 2020

Last updated 4 years ago

CVSS medium 5.5

Overview

Description: A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 though 11.0.4.3.
Source: securityalerts@avaya.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200
securityalerts@avaya.com: CWE-522

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A1882E4-CCE5-421B-97FB-4D61BBFD6A5D",
            "versionEndIncluding": "10.1.0.7",
            "versionStartIncluding": "10.0"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CE17819-2B50-4E38-813E-F63E591CCA1F",
            "versionEndIncluding": "11.0.4.2",
            "versionStartIncluding": "11.0"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BDECE92-2DA9-45D8-8849-0023F63855A2"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38AC8AB4-764E-4C1B-ADCD-95C2AD6684C5"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.0:sp10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52ED1E01-4275-4877-B3EC-215898F62F00"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.0:sp11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F31B3BCC-9061-4335-B465-C80AE38EE954"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.0:sp12:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D275ED61-D7D1-4036-8B2F-19BE6C6CC87D"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.0:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D40EAD2-7995-4D32-A131-8A833C7A8ABC"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.0:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "980AB8C3-F81E-4602-97BE-276C7FE8F4B4"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.0:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A3386A8-7474-40B4-A3DB-82E52080FE51"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.0:sp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84A4CE4F-8770-469E-BBA6-1F5197DF8E7B"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.0:sp6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E092F76A-A770-447E-9902-6E8F3D9011D0"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.0:sp7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67DECE38-07A7-4AB5-959B-10123C3E5A3D"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.0:sp8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84FDC940-3893-4D58-A218-CE29D33A88D3"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.0:sp9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A513BE76-1776-4644-9F74-7D7BF6D86D55"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.1:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51C14CE3-651D-4503-9711-088B9CF773A0"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9468982C-DB32-490B-9131-9D35E8339467"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B490A4A-A837-4CC6-8A44-5A7F03D73619"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4A09C00-8D54-4674-A1D9-2F5AAD44CDD6"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp12:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67BFAB48-462F-4E95-9619-7A54E4BDF6F1"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E488E9F3-5329-43F1-AC9D-36760B95C91A"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDD19739-0237-4C6F-9B6C-E47C9053F82A"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACC5B2C8-CA4E-4482-8842-52886C5D5397"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09060F4E-DDB3-4C45-B628-6357ED0FA008"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C6013D3-4D4C-46F8-82E6-271FB44FD126"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1BED830-57D9-4051-B9D0-4E010AFA7451"
          },
          {
            "criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "110B4593-6CF2-443B-AC7D-7DA98C44058C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References