What is CVE-2019-7007?

CVE-2019-7007 is a high-severity vulnerability in Avaya Aura_conferencing, classified under Path Traversal. CVSS score: 7.5/10. Published 2020-02-28.

How severe is CVE-2019-7007?

High severity. CVSS v3 base score is 7.5 out of 10.

Path Traversal in Avaya Aura_conferencing

CVE-2019-7007

A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier. Successful exploitation could potentially allow an unauthenticated attacker to access files that are outside the restri…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.017 (73.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Avaya Aura_conferencing
Avaya Equinox Conferencing Management (Iview) — versions 9.1

Weakness classification (CWE)

CWE-22 — Path Traversal

References

securityalerts@avaya.com (x_refsource_CONFIRM, Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2019-7007?: CVE-2019-7007 is a high-severity vulnerability in Avaya Aura_conferencing, classified under Path Traversal. CVSS score: 7.5/10. Published 2020-02-28.
How severe is CVE-2019-7007?: High severity. CVSS v3 base score is 7.5 out of 10.