exploitDog

CVE-2021-32072

Опубликовано: 13 авг. 2021

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information (disclosing sensitive application data) due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods.

Ссылки

https://www.mitel.com/support/security-advisories
Vendor Advisory
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0005
Vendor Advisory
https://www.mitel.com/support/security-advisories
Vendor Advisory
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0005
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mitel:micollab:*:*:*:*:*:-:*:*

Версия до 9.3 (исключая)

EPSS

Процентиль: 49%

0.00256

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-116

Связанные уязвимости

GHSA-wvgw-m336-mf9v

github

больше 3 лет назад

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information (disclosing sensitive application data) due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods.

EPSS

Процентиль: 49%

0.00256

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-116