CVE-2021-32071Improper Authentication in Micollab

CWE-287Improper Authentication3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.6%
top 31.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mitel Micollab
Timeline
PublishedAug 13
Latest updateMay 24

Description

The MiCollab Client service in Mitel MiCollab before 9.3 could allow an unauthenticated user to gain system access due to improper access control. A successful exploit could allow an attacker to view and modify application data, and cause a denial of service for users.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDmitel/micollab< 9.3

🔴Vulnerability Details

2
GHSA
GHSA-p829-fq6p-p9cf: The MiCollab Client service in Mitel MiCollab before 92022-05-24
CVEList
CVE-2021-32071: The MiCollab Client service in Mitel MiCollab before 92021-08-13
CVE-2021-32071 — Improper Authentication in Micollab | cvebase