Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-8h2w-xmx5-q4j3

Опубликовано: 21 окт. 2024
Источник: github
Github: Не прошло ревью
CVSS3: 5.6

Описание

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker to run arbitrary code with elevated privileges.

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker to run arbitrary code with elevated privileges.

Ссылки

EPSS

Процентиль: 76%
0.00973
Низкий

5.6 Medium

CVSS3

CVE ID

CVE-2024-35315

Дефекты

CWE-94

Связанные уязвимости

nvd логотип

CVE-2024-35315

CVSS3: 5.6
nvd
больше 1 года назад

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker to run arbitrary code with elevated privileges.

fstec логотип

BDU:2024-04504

CVSS3: 7.8
fstec
больше 1 года назад

Уязвимость клиента MiCollab Desktop Client платформы для совместной работы MiCollab и виртуального экземпляра бизнес-решения MiVoice Business Solution Virtual Instance (MiVB SVI), позволяющая нарушителю обойти ограничения безопасности, повысить свои привилегии и выполнить произвольный код

EPSS

Процентиль: 76%
0.00973
Низкий

5.6 Medium

CVSS3

CVE ID

CVE-2024-35315

Дефекты

CWE-94