RSS   Podatności dla 'Ip office'   RSS

2020-08-07
 
CVE-2019-7005

CWE-200
 

 
A vulnerability was discovered in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 through 11.0.4.2.

 
2020-06-04
 
CVE-2020-7030

CWE-200
 

 
A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 though 11.0.4.3.

 
2019-11-15
 
CVE-2016-5285

CWE-476
 

 
Null pointer dereference vulnerability exists in K11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime in NSS before 3.26, which causes the TLS/SSL server using NSS to crash.

 
2019-05-10
 
CVE-2018-8812

CWE-20
 

 
An issue was discovered in Avaya one-X Portal for IP Office 9.1.2.0 and prior. The DownloadToLocalDriveServlet function from the AFA portal is only intended to download backup ZIP files from the server to the operator desktop; however, a malicious user capable of intercepting the HTTP request would be able to modify folder and filename parameters in order to get access to any file on the underlying operating system, as demonstrated by a folder=/etc/&filename=passwd query string. Additionally it could cause a DoS, as this functions also implements file deletion after downloading.

 
2019-01-23
 
CVE-2018-15614

CWE-79
 

 
A vulnerability in the one-x Portal component of IP Office could allow an authenticated user to perform stored cross site scripting attacks via fields in the Conference Scheduler Service that could affect other application users. Affected versions of IP Office include 10.0 through 10.1 SP3 and 11.0 versions prior to 11.0 SP1.

 
2018-09-12
 
CVE-2018-15610

CWE-22
 

 
A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Affected versions of Avaya IP Office include 9.1 through 9.1 SP12, 10.0 through 10.0 SP7, and 10.1 through 10.1 SP2.

 
2017-11-09
 
CVE-2017-11309

CWE-119
 

 
Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute arbitrary code via a long response.

 

 >>> Vendor: Avaya 114 Produkty
Argent office
Libsafe
Cajun p550
Cajun p550r
Cajun p580
Cajun p880
Cajun p882
Cajun m770-atm
Cajun p130
Cajun p330
Predictive dialer system
Intuity audix
VSU
Converged communications server
S8300
S8500
S8700
Sg200
Sg203
Sg208
SG5
Ip600 media servers
Definity one media server
S8100
Modular messaging message storage server
Cvlan
Integrated management
Call management system server
S3400
Communication manager
Intuity audix lx
Mn100
Network routing
S8710
Interactive response
Ip office phone manager
Ip soft phone
Vpnremote
Wireless ap-3
Wireless ap-4
Wireless ap-5
Wireless ap-6
Wireless ap-7
Wireless ap-8
Tn2602ap ip media resource 320 circuit pack
Vsu 100
Vsu 10000
Vsu 2000
Vsu 7500
Csu 5000
Sip enablement services
Media server
One-x
4602sw ip phone
Voip handset
Message networking
Messaging storage server
Broadcast server
Secure access link gateway
Aura application server 5300
Ip office customer call reporter
Vsp operating system software
Ip office contact center
AURA
Aura orchestration designer
Orchestration designer
Ip office
Call management system supervisor
One-x communicator
Agent access
Aura conferencing standard edition
Basic call management system reporting desktop
Call management server supervisor
Callvisor asai lan
Computer telephony
Contact center express
Customer interaction express
Enterprise manager
Interaction center
Ip agent
Ip softphone
Network reporting
Octelaccess(r) server
Octeldesignertm
Operational analyst
Outbound contact management
Speech access
Unified communication center
Unified messenger (r)
Visual messenger tm
Visual vector client
Vpnmanagertm console
Web messenger
Control manager
Aura conferencing
Aura communication manager
Aura application enablement services
Aura communication manager messagint
Breeze platform
Call management system
Zobacz wszystkie produkty dla producenta Avaya


Copyright 2021, cxsecurity.com

 

Back to Top