Insufficient Output Sanitization in Mitel MiContact Center Business Portal
CVE-2020-24693

3.3LOW

Key Information:

Vendor
Mitel
Status
Micontact Center Business
Vendor
CVE Published:
18 December 2020

Summary

A local attacker could exploit a vulnerability in the Ignite portal of Mitel MiContact Center Business prior to version 9.3.0.0. This issue arises from insufficient output sanitization, allowing unauthorized viewing of sensitive system information, potentially leading to further exploitation.

References

https://www.mitel.com/support/security-advisories
x_refsource_MISC

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2020-24693 : Insufficient Output Sanitization in Mitel MiContact Center Business Portal | SecurityVulnerability.io