Описание
A vulnerability in the MiCollab Client server component of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to conduct a Server-Side Request Forgery (SSRF) attack due to insufficient restriction of URL parameters. A successful exploit could allow an attacker to leverage connections and permissions available to the host server.
Ссылки
- Vendor Advisory
- MitigationVendor Advisory
- Vendor Advisory
- MitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.5.0.101 (включая)
cpe:2.3:a:mitel:micollab:*:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.0031
Низкий
8.8 High
CVSS3
Дефекты
CWE-918
CWE-918
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
A vulnerability in the MiCollab Client server component of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to conduct a Server-Side Request Forgery (SSRF) attack due to insufficient restriction of URL parameters. A successful exploit could allow an attacker to leverage connections and permissions available to the host server.
EPSS
Процентиль: 54%
0.0031
Низкий
8.8 High
CVSS3
Дефекты
CWE-918
CWE-918