CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-7036

An XML External Entities (XXE)vulnerability in Callback Assist could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Callback Assist includes all 4.0.x versions before 4.7.1.1 Patch 7.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 48.0%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 4.0

References

https://downloads.avaya.com/css/P8/documents/101075450
https://downloads.avaya.com/css/P8/documents/101075450

Products affected by CVE-2020-7036

Avaya » Callback Assist » Version: Any

cpe:2.3:a:avaya:callback_assist:*
Avaya » Callback Assist » Version: 4.7.1.1

cpe:2.3:a:avaya:callback_assist:4.7.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7036

Products

Pricing

Contact Us