Описание
An XML External Entities (XXE)vulnerability in Callback Assist could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Callback Assist includes all 4.0.x versions before 4.7.1.1 Patch 7.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 4.0.0 (включая) до 4.7.1.1 (исключая)
Одно из
cpe:2.3:a:avaya:callback_assist:*:*:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:4.7.1.1:-:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:4.7.1.1:patch1:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:4.7.1.1:patch2:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:4.7.1.1:patch3:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:4.7.1.1:patch4:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:4.7.1.1:patch5:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:4.7.1.1:patch6:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.00248
Низкий
8.1 High
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-611
CWE-611
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
An XML External Entities (XXE)vulnerability in Callback Assist could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Callback Assist includes all 4.0.x versions before 4.7.1.1 Patch 7.
EPSS
Процентиль: 48%
0.00248
Низкий
8.1 High
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-611
CWE-611