cbcvebase.
CVE-2020-11797
published 2020-08-26

CVE-2020-11797: An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could…

PriorityP349high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
1.17%
63.4th percentile
An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an unauthenticated attacker to gain access to unauthorized information due to insufficient access validation. A successful exploit could allow an attacker to access sensitive shared files.

Affected

2 ranges
VendorProductVersion rangeFixed in
mitelmicollab_audio_web_video_conferencing< 8.1.2.48.1.2.4
mitelmicollab_audio_web_video_conferencing>= 9.0 < 9.1.39.1.3

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_oracle3.1MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.