#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product:  Avaya Equinox
# Vendor:   Avaya
# CSNC ID:  CSNC-2020-028
# CVE ID:   CVE-2020-7038
# Subject:  Missing Function Level Authorization
# Risk:     High
# Effect:   Remotely exploitable
# Authors:  Sylvain Heiniger
#           Alex Joss
# Date:     2021-05-19
#
#############################################################

Introduction
------------

Avaya Equinox® Conferencing [1] delivers an all-inclusive solution for voice,
video and desktop sharing. It enables organizations to deploy on virtualized
platforms, gaining simplicity and efficiency while providing the elegant and
simple user experience that Avaya Workspaces offers. Leveraging virtualized
platforms brings scaling and redundancy capabilities that enable a lower TCO
for customers with a full video endpoint conferencing suite of features.

Solution components include: Avaya Equinox Management, Avaya Equinox Media
Server, Avaya Aura Web Gateway, Avaya Equinox H.323 Edge, Avaya Equinox
Streaming and Recording, Avaya Aura Session Border Controller, Avaya Workplace
Client, Avaya XT Room Systems, Avaya Collaboration Unit CU360.

During a security assessment, Compass Security analysts found that the API
that delivers stills of screen-sharing and whiteboard sessions lacks
authentication and authorization checks.

Affected
--------

Vulnerable version:
* Avaya Equinox® Conferencing 9.0 through 9.1 FP10

Patched version:
* Avaya Meetings® Server R9.1 FP11 or later

Workaround / Fix
----------------

Install the updated version provided by Avaya [2].
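The root cause class here, missing function level authorization, is an endpoint that serves conference content without first establishing who the caller is and whether they belong to that conference. The following is an added illustration written for this advisory and not Avaya's code: a small dispatcher in which every route must declare an access policy at registration time (deny by default), so a content endpoint such as a conference still cannot be shipped without an authentication and membership check. All route paths, tokens, conference ids and image bytes are constructed stand-ins.

```python
"""Central function-level authorization, as an added example (not Avaya's
code). Every route must name a policy; the dispatcher enforces it before the
handler runs, so a handler cannot forget the check."""
import re
from typing import Callable, Dict, List, Optional, Tuple

# Constructed stand-ins for a session store, conference membership and the
# stills that the (hypothetical) /still endpoint would return.
SESSIONS: Dict[str, str] = {"tok-alice": "alice", "tok-bob": "bob"}
CONFERENCE_MEMBERS: Dict[str, set] = {"conf-1": {"alice"}, "conf-2": {"bob"}}
STILLS: Dict[str, bytes] = {
    "conf-1": b"\x89PNG conf-1 whiteboard (constructed)",
    "conf-2": b"\x89PNG conf-2 screen share (constructed)",
}

Response = Tuple[int, bytes]
Handler = Callable[[Optional[str], Dict[str, str]], Response]

# The only policies a route may declare. Anything else is a registration error.
POLICIES = {"public", "authenticated", "conference_member"}
_routes: List[Tuple["re.Pattern", str, Handler]] = []


def route(pattern: str, policy: str):
    """Register a handler under a path regex with a mandatory access policy."""
    if policy not in POLICIES:
        raise ValueError(f"route {pattern!r} registered without a valid policy")

    def deco(fn: Handler) -> Handler:
        _routes.append((re.compile(pattern), policy, fn))
        return fn

    return deco


def authorize(policy: str, user: Optional[str], params: Dict[str, str]) -> Optional[int]:
    """Return an HTTP status to refuse with, or None if the call may proceed."""
    if policy == "public":
        return None
    if user is None:
        return 401                      # authentication missing or invalid
    if policy == "conference_member":
        conf_id = params.get("conf_id", "")
        if conf_id not in CONFERENCE_MEMBERS:
            return 404                  # unknown conference
        if user not in CONFERENCE_MEMBERS[conf_id]:
            return 403                  # authenticated, but not a participant
    return None


def dispatch(path: str, session_token: Optional[str] = None) -> Response:
    """Resolve the caller, match a route, enforce its policy, then run it."""
    user = SESSIONS.get(session_token) if session_token else None
    for rx, policy, fn in _routes:
        m = rx.fullmatch(path)
        if not m:
            continue
        status = authorize(policy, user, m.groupdict())
        if status is not None:
            return status, b""
        return fn(user, m.groupdict())
    return 404, b""


@route(r"/api/conferences/(?P<conf_id>[\w-]+)/still", policy="conference_member")
def get_still(user: Optional[str], params: Dict[str, str]) -> Response:
    # By the time this runs, the caller is authenticated and a member of conf_id.
    return 200, STILLS[params["conf_id"]]


@route(r"/api/health", policy="public")
def health(user: Optional[str], params: Dict[str, str]) -> Response:
    return 200, b"ok"


if __name__ == "__main__":
    print(dispatch("/api/conferences/conf-1/still"))               # (401, b'')
    print(dispatch("/api/conferences/conf-1/still", "tok-bob"))    # (403, b'')
    print(dispatch("/api/conferences/conf-1/still", "tok-alice"))  # (200, still bytes)
```

The design point is that the policy lives in the routing layer rather than in each handler: a reviewer can list `_routes` and see at a glance which endpoints are public, and a route with no policy fails at import time instead of silently serving content to anyone who knows a conference id. Whether a non-member receives 403 or 404 is a product choice; returning 404 for both cases avoids confirming that a conference id exists.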
Timeline
--------

2020-11-03: Discovery by Sylvain Heiniger
2020-11-13: Initial vendor notification
2020-11-19: Initial vendor response
2021-04-28: Release of fixed version / patch
2021-05-19: Coordinated public disclosure date

References
----------

[1] https://support.avaya.com/products/P1670/avaya-equinox-conferencing/9.1.x
[2] https://downloads.avaya.com/css/P8/documents/101075574