- Description
- An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an unauthenticated attacker to gain access to unauthorized information due to insufficient access validation. A successful exploit could allow an attacker to access sensitive shared files.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mitel:micollab_audio\\,_web_\\&_video_conferencing:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92BD9599-2CD6-486C-9AA9-0443ACF9F06E",
"versionEndExcluding": "8.1.2.4"
},
{
"criteria": "cpe:2.3:a:mitel:micollab_audio\\,_web_\\&_video_conferencing:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "063A76E0-E82E-4C29-B987-E69DC6D642EA",
"versionEndExcluding": "9.1.3",
"versionStartIncluding": "9.0"
}
],
"operator": "OR"
}
]
}
]