Avaya: >> Aura System Manager >> 7.1.3.3 Security Vulnerabilities
An XML external entity (XXE) vulnerability in Avaya WebLM admin interface allows authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. Affected versions of Avaya WebLM include: 7.0 through 7.1.3.6 and 8.0 through 8.1.2.
CVSS Score
6.5
EPSS Score
0.005
Published
2020-11-13