Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Avaya Aura Communication Manager by Avaya

    CVE-2022-2249 (GCVE-0-2022-2249)

    Vulnerability from nvd – Published: 2022-10-12 00:00 – Updated: 2025-05-19 16:53
    VLAI
    Title
    Avaya Aura Communication Manager Privilege Escalation Vulnerabilities
    Summary
    Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    Avaya Avaya Aura Communication Manager Affected: 10.1.0.0
    Affected: 8.x , ≤ 8.1.3.3 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.514Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://download.avaya.com/css/public/documents/101083760"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2249",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T16:53:41.117312Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T16:53:47.153Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Avaya Aura Communication Manager",
              "vendor": "Avaya",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.1.0.0"
                },
                {
                  "lessThanOrEqual": "8.1.3.3",
                  "status": "affected",
                  "version": "8.x",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-12T00:00:00.000Z",
            "orgId": "9d670455-bdb5-4cca-a883-5914865f5d96",
            "shortName": "avaya"
          },
          "references": [
            {
              "url": "https://download.avaya.com/css/public/documents/101083760"
            }
          ],
          "source": {
            "defect": [
              "CM-47814",
              "CM-47815"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Avaya Aura Communication Manager Privilege Escalation Vulnerabilities",
          "x_generator": {
            "engine": "vulnogram 0.1.0-rc1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9d670455-bdb5-4cca-a883-5914865f5d96",
        "assignerShortName": "avaya",
        "cveId": "CVE-2022-2249",
        "datePublished": "2022-10-12T00:00:00.000Z",
        "dateReserved": "2022-06-29T00:00:00.000Z",
        "dateUpdated": "2025-05-19T16:53:47.153Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-7029 (GCVE-0-2020-7029)

    Vulnerability from nvd – Published: 2020-08-11 23:05 – Updated: 2024-09-16 22:03
    VLAI
    Title
    Avaya Product System Management Interface Cross-Site Request Forgery Vulnerability
    Summary
    A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged level of the authenticated user. Affected versions of Communication Manager are 7.0.x, 7.1.x prior to 7.1.3.5 and 8.0.x. Affected versions of Messaging are 7.0.x, 7.1 and 7.1 SP1.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Avaya Avaya Aura Communication Manager Affected: 8.0.x
    Affected: 7.0 , ≤ 7.1.3.4 (custom)
    Create a notification for this product.
    Avaya Avaya Aura Messaging Affected: 7.0 , ≤ 7.1 SP1 (custom)
    Create a notification for this product.
    Date Public
    2020-08-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T09:18:03.014Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.avaya.com/css/P8/documents/101070201"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Avaya Aura Communication Manager",
              "vendor": "Avaya",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "lessThanOrEqual": "7.1.3.4",
                  "status": "affected",
                  "version": "7.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Avaya Aura Messaging",
              "vendor": "Avaya",
              "versions": [
                {
                  "lessThanOrEqual": "7.1 SP1",
                  "status": "affected",
                  "version": "7.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-08-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged level of the authenticated user. Affected versions of Communication Manager are 7.0.x, 7.1.x prior to 7.1.3.5 and 8.0.x. Affected versions of Messaging are 7.0.x, 7.1 and 7.1 SP1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-08-11T23:05:17.000Z",
            "orgId": "9d670455-bdb5-4cca-a883-5914865f5d96",
            "shortName": "avaya"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.avaya.com/css/P8/documents/101070201"
            }
          ],
          "source": {
            "advisory": "ASA-2020-106"
          },
          "title": "Avaya Product System Management Interface Cross-Site Request Forgery Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "securityalerts@avaya.com",
              "DATE_PUBLIC": "2020-08-11T06:00:00.000Z",
              "ID": "CVE-2020-7029",
              "STATE": "PUBLIC",
              "TITLE": "Avaya Product System Management Interface Cross-Site Request Forgery Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Avaya Aura Communication Manager",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "version_affected": "\u003c=",
                                "version_name": "7.0",
                                "version_value": "7.1.3.4"
                              },
                              {
                                "affected": "=",
                                "version_affected": "=",
                                "version_name": "8.0.x",
                                "version_value": "8.0.x"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Avaya Aura Messaging",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "version_affected": "\u003c=",
                                "version_name": "7.0",
                                "version_value": "7.1 SP1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Avaya"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged level of the authenticated user. Affected versions of Communication Manager are 7.0.x, 7.1.x prior to 7.1.3.5 and 8.0.x. Affected versions of Messaging are 7.0.x, 7.1 and 7.1 SP1."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-352"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.avaya.com/css/P8/documents/101070201",
                  "refsource": "CONFIRM",
                  "url": "https://support.avaya.com/css/P8/documents/101070201"
                }
              ]
            },
            "source": {
              "advisory": "ASA-2020-106"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9d670455-bdb5-4cca-a883-5914865f5d96",
        "assignerShortName": "avaya",
        "cveId": "CVE-2020-7029",
        "datePublished": "2020-08-11T23:05:18.034Z",
        "dateReserved": "2020-01-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:03:15.362Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2249 (GCVE-0-2022-2249)

    Vulnerability from cvelistv5 – Published: 2022-10-12 00:00 – Updated: 2025-05-19 16:53
    VLAI
    Title
    Avaya Aura Communication Manager Privilege Escalation Vulnerabilities
    Summary
    Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    Avaya Avaya Aura Communication Manager Affected: 10.1.0.0
    Affected: 8.x , ≤ 8.1.3.3 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.514Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://download.avaya.com/css/public/documents/101083760"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2249",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-19T16:53:41.117312Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-19T16:53:47.153Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Avaya Aura Communication Manager",
              "vendor": "Avaya",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.1.0.0"
                },
                {
                  "lessThanOrEqual": "8.1.3.3",
                  "status": "affected",
                  "version": "8.x",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-12T00:00:00.000Z",
            "orgId": "9d670455-bdb5-4cca-a883-5914865f5d96",
            "shortName": "avaya"
          },
          "references": [
            {
              "url": "https://download.avaya.com/css/public/documents/101083760"
            }
          ],
          "source": {
            "defect": [
              "CM-47814",
              "CM-47815"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Avaya Aura Communication Manager Privilege Escalation Vulnerabilities",
          "x_generator": {
            "engine": "vulnogram 0.1.0-rc1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9d670455-bdb5-4cca-a883-5914865f5d96",
        "assignerShortName": "avaya",
        "cveId": "CVE-2022-2249",
        "datePublished": "2022-10-12T00:00:00.000Z",
        "dateReserved": "2022-06-29T00:00:00.000Z",
        "dateUpdated": "2025-05-19T16:53:47.153Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-7029 (GCVE-0-2020-7029)

    Vulnerability from cvelistv5 – Published: 2020-08-11 23:05 – Updated: 2024-09-16 22:03
    VLAI
    Title
    Avaya Product System Management Interface Cross-Site Request Forgery Vulnerability
    Summary
    A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged level of the authenticated user. Affected versions of Communication Manager are 7.0.x, 7.1.x prior to 7.1.3.5 and 8.0.x. Affected versions of Messaging are 7.0.x, 7.1 and 7.1 SP1.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Avaya Avaya Aura Communication Manager Affected: 8.0.x
    Affected: 7.0 , ≤ 7.1.3.4 (custom)
    Create a notification for this product.
    Avaya Avaya Aura Messaging Affected: 7.0 , ≤ 7.1 SP1 (custom)
    Create a notification for this product.
    Date Public
    2020-08-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T09:18:03.014Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.avaya.com/css/P8/documents/101070201"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Avaya Aura Communication Manager",
              "vendor": "Avaya",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "lessThanOrEqual": "7.1.3.4",
                  "status": "affected",
                  "version": "7.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Avaya Aura Messaging",
              "vendor": "Avaya",
              "versions": [
                {
                  "lessThanOrEqual": "7.1 SP1",
                  "status": "affected",
                  "version": "7.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-08-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged level of the authenticated user. Affected versions of Communication Manager are 7.0.x, 7.1.x prior to 7.1.3.5 and 8.0.x. Affected versions of Messaging are 7.0.x, 7.1 and 7.1 SP1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-08-11T23:05:17.000Z",
            "orgId": "9d670455-bdb5-4cca-a883-5914865f5d96",
            "shortName": "avaya"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.avaya.com/css/P8/documents/101070201"
            }
          ],
          "source": {
            "advisory": "ASA-2020-106"
          },
          "title": "Avaya Product System Management Interface Cross-Site Request Forgery Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "securityalerts@avaya.com",
              "DATE_PUBLIC": "2020-08-11T06:00:00.000Z",
              "ID": "CVE-2020-7029",
              "STATE": "PUBLIC",
              "TITLE": "Avaya Product System Management Interface Cross-Site Request Forgery Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Avaya Aura Communication Manager",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "version_affected": "\u003c=",
                                "version_name": "7.0",
                                "version_value": "7.1.3.4"
                              },
                              {
                                "affected": "=",
                                "version_affected": "=",
                                "version_name": "8.0.x",
                                "version_value": "8.0.x"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Avaya Aura Messaging",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "version_affected": "\u003c=",
                                "version_name": "7.0",
                                "version_value": "7.1 SP1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Avaya"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged level of the authenticated user. Affected versions of Communication Manager are 7.0.x, 7.1.x prior to 7.1.3.5 and 8.0.x. Affected versions of Messaging are 7.0.x, 7.1 and 7.1 SP1."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-352"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.avaya.com/css/P8/documents/101070201",
                  "refsource": "CONFIRM",
                  "url": "https://support.avaya.com/css/P8/documents/101070201"
                }
              ]
            },
            "source": {
              "advisory": "ASA-2020-106"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9d670455-bdb5-4cca-a883-5914865f5d96",
        "assignerShortName": "avaya",
        "cveId": "CVE-2020-7029",
        "datePublished": "2020-08-11T23:05:18.034Z",
        "dateReserved": "2020-01-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:03:15.362Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }