Cross-Site Scripting Flaw in Mitel MiCloud Management Portal
CVE-2020-24594

9.6CRITICAL

Key Information:

Vendor

Mitel
Status
Micloud Management Portal
Vendor
CVE Published:
25 September 2020

What is CVE-2020-24594?

In Mitel's MiCloud Management Portal, versions before 6.1 SP5, an insufficient input validation vulnerability enables unauthenticated attackers to execute arbitrary scripts. By exploiting this flaw, attackers may gain access to user sessions, posing significant security risks to users of the platform. Organizations using the affected versions should promptly apply updates and review their security postures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.mitel.com/support/security-advisories
x_refsource_MISC
https://www.mitel.com/support/security-advisories/mitel-p...
x_refsource_CONFIRM

CVSS V3.1

Score:
9.6
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.