CVE-2024-35314

Sažetak

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit requires user interaction and could allow an attacker to execute arbitrary scripts.

Reference

https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_24-0015-001-v3.pdf
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0015

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

09-01-2025 - 18:15

Objavljeno

21-10-2024 - 21:15