cbcvebase.

Mitel Cmg Suite vulnerabilities

3 known vulnerabilities affecting mitel/cmg_suite.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3

Vulnerabilities

Page 1 of 1
CVE-2018-19275P2CRITICALCVSS 9.8fixed in 8.4v8.42019-04-02
CVE-2018-19275 [CRITICAL] CWE-1188 CVE-2018-19275: The BluStar component in Mitel InAttend before 2.5 SP3 and CMG before 8.4 SP3 Suite Servers has a de The BluStar component in Mitel InAttend before 2.5 SP3 and CMG before 8.4 SP3 Suite Servers has a default password, which could allow remote attackers to gain unauthorized access and execute arbitrary scripts with potential impacts to the confidentiality, integrity and availability of the system.
nvd
CVE-2018-18286P3CRITICALCVSS 9.8≤ 8.4v8.42019-04-25
CVE-2018-18286 [CRITICAL] CWE-89 CVE-2018-18286: SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attac SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the changepwd interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts.
nvd
CVE-2018-18285P3CRITICALCVSS 9.8≤ 8.4v8.42019-04-25
CVE-2018-18285 [CRITICAL] CWE-89 CVE-2018-18285: SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attac SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the login interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts.
nvd
Mitel Cmg Suite vulnerabilities | cvebase