A remote code execution vulnerability in UCB component of Mitel MiVoice Connect before 19.1 SP1 could allow an unauthenticated remote attacker to execute arbitrary scripts due to insufficient validation of URL parameters. A successful exploit could allow an attacker to gain access to sensitive information.
References
Link | Resource |
---|---|
https://www.mitel.com/support/security-advisories | Vendor Advisory |
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0004 | Vendor Advisory |
https://www.mitel.com/support/security-advisories | Vendor Advisory |
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0004 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 04:54
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.mitel.com/support/security-advisories - Vendor Advisory | |
References | () https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0004 - Vendor Advisory |
Information
Published : 2020-04-17 13:15
Updated : 2024-11-21 04:54
NVD link : CVE-2020-10211
Mitre link : CVE-2020-10211
CVE.ORG link : CVE-2020-10211
JSON object : View
Products Affected
mitel
- mivoice_connect
- mivoice_connect_client
CWE
CWE-20
Improper Input Validation