Описание
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters.
Ссылки
- Vendor Advisory
- MitigationVendor Advisory
- Vendor Advisory
- MitigationVendor Advisory
- US Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 22.22.6100.0 (включая)
cpe:2.3:a:mitel:mivoice_connect:*:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.03099
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-77
CWE-77
Связанные уязвимости
CVSS3: 6.8
github
около 3 лет назад
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters.
EPSS
Процентиль: 86%
0.03099
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-77
CWE-77