PT-2019-18408 · Avaya · Ip Office Contact Center

Eddie Tan

Published

2019-04-04

Updated

2019-10-09

CVE-2019-7001

CVSS v3.1

9.9

Critical

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IP Office Contact Center versions prior to 10.1.2.2.2-11201.1908

Description A SQL injection issue in the WebUI component could allow an authenticated attacker to retrieve or alter sensitive data related to other users on the system.

Recommendations For versions prior to 10.1.2.2.2-11201.1908, update to version 10.1.2.2.2-11201.1908 or later to resolve the issue.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2019-7001

Affected Products

Ip Office Contact Center

PT-2019-18408 · Avaya · Ip Office Contact Center

CVE-2019-7001

Weakness Enumeration

Related Identifiers

Affected Products

References · 3