CVE-2021-37586

The PowerPlay Web component of Mitel Interaction Recording Multitenancy systems before 6.7 could allow a user (with Administrator rights) to replay a previously recorded conversation of another tenant due to insufficient validation.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mitel:interaction_recording:*:*:*:*:*:*:*:*

History

25 Aug 2021, 13:24

Type Values Removed Values Added
CPE cpe:2.3:a:mitel:interaction_recording:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 4.0
v3 : 4.9
References (MISC) https://www.mitel.com/support/security-advisories - (MISC) https://www.mitel.com/support/security-advisories - Vendor Advisory
References (MISC) https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0006 - (MISC) https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0006 - Vendor Advisory
CWE CWE-20

13 Aug 2021, 16:24

Type Values Removed Values Added
New CVE

Information

Published : 2021-08-13 16:15

Updated : 2024-02-04 21:47


NVD link : CVE-2021-37586

Mitre link : CVE-2021-37586

CVE.ORG link : CVE-2021-37586


JSON object : View

Products Affected

mitel

  • interaction_recording
CWE
CWE-20

Improper Input Validation