CVE-2020-35547Incorrect Authorization in Micollab

CWE-863Incorrect Authorization3 documents3 sources
Severity
9.1CRITICALNVD
EPSS
0.4%
top 41.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mitel Micollab
Timeline
PublishedJan 29
Latest updateMay 24

Description

A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an unauthenticated attacker to gain access (view and modify) to user data.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-3254-79q7-7q66: A library index page in NuPoint Messenger in Mitel MiCollab before 92022-05-24
CVEList
CVE-2020-35547: A library index page in NuPoint Messenger in Mitel MiCollab before 92021-01-29
CVE-2020-35547 — Incorrect Authorization in Micollab | cvebase