exploitDog

CVE-2021-37586

Опубликовано: 13 авг. 2021

Источник: nvd

CVSS3: 4.9

CVSS2: 4

EPSS Низкий

Описание

The PowerPlay Web component of Mitel Interaction Recording Multitenancy systems before 6.7 could allow a user (with Administrator rights) to replay a previously recorded conversation of another tenant due to insufficient validation.

Ссылки

https://www.mitel.com/support/security-advisories
Vendor Advisory
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0006
Vendor Advisory
https://www.mitel.com/support/security-advisories
Vendor Advisory
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0006
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mitel:interaction_recording:*:*:*:*:*:*:*:*

Версия до 6.7 (исключая)

EPSS

Процентиль: 49%

0.00258

Низкий

4.9 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-pr9r-hrpj-9jxf

github

больше 3 лет назад

The PowerPlay Web component of Mitel Interaction Recording Multitenancy systems before 6.7 could allow a user (with Administrator rights) to replay a previously recorded conversation of another tenant due to insufficient validation.

EPSS

Процентиль: 49%

0.00258

Низкий

4.9 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-20