A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated attacker to execute arbitrary SQL commands and retrieve sensitive data related to other users on the system. Affected versions of Avaya Control Manager include 7.x and 8.0.x versions prior to 8.0.4.0. Unsupported versions not listed here were not evaluated.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: avaya

Published: 2019-07-11T18:37:32.734660Z

Updated: 2024-09-17T00:55:45.821Z

Reserved: 2019-01-28T00:00:00

Link: CVE-2019-7003

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-07-11T19:15:13.440

Modified: 2024-11-21T04:47:23.823

Link: CVE-2019-7003

cve-icon Redhat

No data.