An XML External Entities (XXE) vulnerability in Media Server component of Avaya Equinox Conferencing could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system or even potentially lead to a denial of service. The affected versions of Avaya Equinox Conferencing includes all 9.x versions before 9.1.11. Equinox Conferencing is now offered as Avaya Meetings Server.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://support.avaya.com/css/P8/documents/101075574 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: avaya
Published: 2021-04-28T21:30:20.662262Z
Updated: 2024-09-16T22:36:50.329Z
Reserved: 2020-01-14T00:00:00
Link: CVE-2020-7037
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-04-28T22:15:08.250
Modified: 2024-11-21T05:36:31.760
Link: CVE-2020-7037
Redhat
No data.