CVE-2020-7032MEDIUMCVSS 6.5v8.0.x·≥ 7.0, < 7.1.3.6+1 more2020-11-13
CVE-2020-7032 [MEDIUM] CWE-611 CVE-2020-7032: An XML external entity (XXE) vulnerability in Avaya WebLM admin interface allows authenticated users
An XML external entity (XXE) vulnerability in Avaya WebLM admin interface allows authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. Affected versions of Avaya WebLM include: 7.0 through 7.1.3.6 and 8.0 through 8.1.2.
cvelistv5nvd