An XML External Entities (XXE)vulnerability in the web-based user interface of Avaya Aura Orchestration Designer could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Orchestration Designer includes all 7.x versions before 7.2.3.
References
Link | Resource |
---|---|
https://downloads.avaya.com/css/P8/documents/101075450 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: avaya
Published: 2021-04-23T00:00:00
Updated: 2021-04-23T21:00:20
Reserved: 2020-01-14T00:00:00
Link: CVE-2020-7035
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-04-23T21:15:08.057
Modified: 2021-04-30T16:51:56.183
Link: CVE-2020-7035
JSON object: View
Redhat Information
No data.
CWE