Описание
The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access (view and modify) user data without authorization due to improper handling of tokens.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 8.0.0.0 (включая) до 8.1.4.1 (включая)Версия от 9.0.0.0 (включая) до 9.3.1.0 (включая)
Одно из
cpe:2.3:a:mitel:micontact_center_business:*:*:*:*:*:*:*:*
cpe:2.3:a:mitel:micontact_center_business:*:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00367
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access (view and modify) user data without authorization due to improper handling of tokens.
EPSS
Процентиль: 58%
0.00367
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other