CVE-2020-12456: Path Traversal
First published: Wed Aug 26 2020(Updated: )
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitel MiVoice Connect | <214.100.1223.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-12456?
CVE-2020-12456 is a remote code execution vulnerability in Mitel MiVoice Connect Client before version 214.100.1223.0.
How does CVE-2020-12456 impact Mitel MiVoice Connect Client?
CVE-2020-12456 allows an attacker to execute arbitrary code in the chat notification window of Mitel MiVoice Connect Client, potentially leading to session cookie theft and other unauthorized actions.
What is the severity of CVE-2020-12456?
CVE-2020-12456 has a severity rating of 8.8 (high).
How can I fix CVE-2020-12456?
To fix CVE-2020-12456, it is recommended to update Mitel MiVoice Connect Client to version 214.100.1223.0 or later, which addresses the vulnerability.
Where can I find more information about CVE-2020-12456?
You can find more information about CVE-2020-12456 on Mitel's support website. Please refer to the following link: [https://www.mitel.com/support/security-advisories](https://www.mitel.com/support/security-advisories)
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- vendor/mitel
- canonical/mitel mivoice connect