CVE-2020-7030

A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 though 11.0.4.3.

Published: Jun 4, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-7030
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
avaya / ip_office	9.1-sp1	9.1-sp1.x
avaya / ip_office	9.1-sp3	9.1-sp3.x
avaya / ip_office	9.1-sp4	9.1-sp4.x
avaya / ip_office	9.1-sp5	9.1-sp5.x
avaya / ip_office	9.1-sp6	9.1-sp6.x
avaya / ip_office	9.1-sp7	9.1-sp7.x
avaya / ip_office	9.1-sp8	9.1-sp8.x
avaya / ip_office	9.1-sp9	9.1-sp9.x
avaya / ip_office	9.1-sp10	9.1-sp10.x
avaya / ip_office	9.1-sp11	9.1-sp11.x
avaya / ip_office	9.1-sp12	9.1-sp12.x
avaya / ip_office	9.1	9.1.x
avaya / ip_office	11.0	11.0.4.2.x
avaya / ip_office	10.0	10.1.0.7.x
avaya / ip_office	9.0	9.0.x
avaya / ip_office	9.0-sp1	9.0-sp1.x
avaya / ip_office	9.0-sp2	9.0-sp2.x
avaya / ip_office	9.0-sp3	9.0-sp3.x
avaya / ip_office	9.0-sp4	9.0-sp4.x
avaya / ip_office	9.0-sp5	9.0-sp5.x
avaya / ip_office	9.0-sp6	9.0-sp6.x
avaya / ip_office	9.0-sp7	9.0-sp7.x
avaya / ip_office	9.0-sp8	9.0-sp8.x
avaya / ip_office	9.0-sp9	9.0-sp9.x
avaya / ip_office	9.0-sp10	9.0-sp10.x
avaya / ip_office	9.0-sp11	9.0-sp11.x
avaya / ip_office	9.0-sp12	9.0-sp12.x

Vulnerability Database

289,697

CVE-2020-7030