Avaya · Ip Office Contact Center · CVE-2019-7001
**Name of the Vulnerable Software and Affected Versions**
IP Office Contact Center versions prior to 10.1.2.2.2-11201.1908
**Description**
A SQL injection issue in the WebUI component could allow an authenticated attacker to retrieve or alter sensitive data related to other users on the system.
**Recommendations**
For versions prior to 10.1.2.2.2-11201.1908, update to version 10.1.2.2.2-11201.1908 or later to resolve the issue.