Vulnerabilities > Avaya > Equinox Conferencing

DATE CVE VULNERABILITY TITLE RISK
2021-04-28 CVE-2020-7038 Unspecified vulnerability in Avaya Equinox Conferencing 9.0.0/9.1.10/9.1.9
A vulnerability was discovered in Management component of Avaya Equinox Conferencing that could potentially allow an unauthenticated, remote attacker to gain access to screen sharing and whiteboard sessions.
network
low complexity
avaya
7.5
2021-04-28 CVE-2020-7037 XXE vulnerability in Avaya Equinox Conferencing 9.0.0/9.1.10/9.1.9
An XML External Entities (XXE) vulnerability in Media Server component of Avaya Equinox Conferencing could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system or even potentially lead to a denial of service.
network
low complexity
avaya CWE-611
5.5
2020-11-13 CVE-2020-7033 Cross-site Scripting vulnerability in Avaya Equinox Conferencing 9.0.0/9.1.9
A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Client (web client) used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks.
network
avaya CWE-79
3.5