CVE-2020-7038
Avaya Meetings Server Information Disclosure vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability was discovered in Management component of Avaya Equinox Conferencing that could potentially allow an unauthenticated, remote attacker to gain access to screen sharing and whiteboard sessions. The affected versions of Management component of Avaya Equinox Conferencing include all 3.x versions before 3.17. Avaya Equinox Conferencing is now offered as Avaya Meetings Server.
Se detectó una vulnerabilidad en el componente Management de Avaya Equinox Conferencing que podrÃa permitir a un atacante remoto no autenticado conseguir acceso a las sesiones de pantalla compartida y de pizarra. Las versiones afectadas del componente Management de Avaya Equinox Conferencing incluyen todas las versiones 3.x anteriores a la 3.17. Avaya Equinox Conferencing ahora se ofrece como Avaya Meetings Server
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-01-14 CVE Reserved
- 2021-04-28 CVE Published
- 2024-05-01 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-284: Improper Access Control
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.avaya.com/css/P8/documents/101075574 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Avaya Search vendor "Avaya" | Equinox Conferencing Search vendor "Avaya" for product "Equinox Conferencing" | >= 9.0.0 < 9.1.11 Search vendor "Avaya" for product "Equinox Conferencing" and version " >= 9.0.0 < 9.1.11" | - |
Affected
| ||||||