Vulnerabilities

CVE-2020-7032

by Fred · 12/11/2020

An XML external entity (XXE) vulnerability in Avaya WebLM admin interface allows authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. Affected versions of Avaya WebLM include: 7.0 through 7.1.3.6 and 8.0 through 8.1.2.

Date published : 2020-11-12

https://downloads.avaya.com/css/P8/documents/101072249

http://seclists.org/fulldisclosure/2020/Nov/31

Similar

Tags: Cybersecurity Alert