Description
A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier. Successful exploitation could potentially allow an unauthenticated attacker to access files that are outside the restricted directory on the remote server.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://downloads.avaya.com/css/P8/documents/101064450
Scores
CVSS v3
7.5
EPSS
0.0166
EPSS Percentile
73.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (1)
avaya/aura_conferencing
9.0 - 9.1.9.0
Published
Feb 28, 2020
Tracked Since
Feb 18, 2026