First published: Fri Dec 18 2020(Updated: )
The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to access user credentials due to improper input validation, aka SQL Injection.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mitel MiCollab, MiVoice Business Express | <9.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for the Mitel MiCollab vulnerability is CVE-2020-25608.
The severity level of CVE-2020-25608 is high with a score of 7.2.
CVE-2020-25608 impacts Mitel MiCollab by allowing an attacker to access user credentials through SQL injection due to improper input validation.
Mitel MiCollab versions up to and excluding 9.2 are affected by CVE-2020-25608.
To fix CVE-2020-25608 for Mitel MiCollab, it is recommended to upgrade to version 9.2 or higher.