CVE-2024-42514

Sažetak

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to conduct an unauthorized access attack due to inadequate access control checks. A successful exploit requires user interaction and could allow an attacker to access sensitive information and send unauthorized messages during an active chat session.

Reference

https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_24-0024-001-v2.pdf
https://www.mitel.com/support/security-advisories
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0024

CVSS

Base:	8.1
Impact:	5.2
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Zadnje važnije ažuriranje

07-10-2024 - 19:37

Objavljeno

01-10-2024 - 19:15