exploitDog

CVE-2022-36452

Опубликовано: 25 окт. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

A vulnerability in the web conferencing component of Mitel MiCollab through 9.5.0.101 could allow an unauthenticated attacker to upload malicious files. A successful exploit could allow an attacker to execute arbitrary code within the context of the application.

Ссылки

https://www.mitel.com/support/security-advisories
Vendor Advisory
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0006
Vendor Advisory
https://www.mitel.com/support/security-advisories
Vendor Advisory
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0006
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mitel:micollab:*:*:*:*:*:-:*:*

Версия до 9.6 (исключая)

EPSS

Процентиль: 87%

0.03204

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434

CWE-434

Связанные уязвимости

GHSA-hx93-gg8r-vm7p

CVSS3: 9.8

github

больше 3 лет назад

A vulnerability in the web conferencing component of Mitel MiCollab through 9.5.0.101 could allow an unauthenticated attacker to upload malicious files. A successful exploit could allow an attacker to execute arbitrary code within the context of the application.

EPSS

Процентиль: 87%

0.03204

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434

CWE-434