Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-f3fm-623c-wfmm

Опубликовано: 21 окт. 2024
Источник: github
Github: Не прошло ревью
CVSS3: 9.8

Описание

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary scripts.

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary scripts.

Ссылки

EPSS

Процентиль: 86%
0.02861
Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2024-35314

Дефекты

CWE-94

Связанные уязвимости

nvd логотип

CVE-2024-35314

CVSS3: 9.8
nvd
больше 1 года назад

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit requires user interaction and could allow an attacker to execute arbitrary scripts.

fstec логотип

BDU:2024-08877

CVSS3: 9.8
fstec
больше 1 года назад

Уязвимость клиента MiCollab Desktop Client платформы для совместной работы MiCollab и виртуального экземпляра бизнес-решения MiVoice Business Solution Virtual Instance (MiVB SVI), позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 86%
0.02861
Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2024-35314

Дефекты

CWE-94