CVE-2020-7036

An XML External Entities (XXE)vulnerability in Callback Assist could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Callback Assist includes all 4.0.x versions before 4.7.1.1 Patch 7.
References
Configurations

Configuration 1

cpe:2.3:a:avaya:callback_assist:4.7.1.1:-:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:4.7.1.1:patch2:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:4.7.1.1:patch3:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:4.7.1.1:patch4:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:4.7.1.1:patch5:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:4.7.1.1:patch6:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:4.7.1.1:patch1:*:*:*:*:*:*
cpe:2.3:a:avaya:callback_assist:*:*:*:*:*:*:*:*

Information

Published : 2021-04-23 09:15

Updated : 2021-04-30 04:51


NVD link : CVE-2020-7036

Mitre link : CVE-2020-7036

Products Affected
No products.
CWE
CWE-611

Improper Restriction of XML External Entity Reference