Man-In-the-Middle Vulnerability in Mitel MiCollab
CVE-2021-32069

4.8MEDIUM

Key Information:

Vendor: Mitel
Status: Micollab
Vendor: CVE Published:; 13 August 2021

Summary

The AWV component of Mitel MiCollab prior to version 9.3 is susceptible to a vulnerability that could enable attackers to execute Man-In-the-Middle attacks. This occurs due to improper negotiation within the TLS protocol, potentially allowing unauthorized access to sensitive data, which could be viewed and altered by the attacker. This vulnerability raises significant concerns regarding the integrity and confidentiality of communications facilitated by the affected products.

References

https://www.mitel.com/support/security-advisories

x_refsource_MISC

https://www.mitel.com/support/security-advisories/mitel-p...

x_refsource_MISC

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 13, 2021
Vulnerability Reserved
May 6, 2021