Описание
A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary database and management operations.
Уязвимые конфигурации
EPSS
7.2 High
CVSS3
Дефекты
Связанные уязвимости
A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary database and management operations.
Уязвимость компонентов служб веб-конференций и приложений платформы для совместной работы Mitel MiCollab, связанная с непринятием мер по защите структуры запроса SQL, позволяющая нарушителю выполнить произвольный код
EPSS
7.2 High
CVSS3