First published: Fri Dec 18 2020(Updated: )
The AWV component of Mitel MiCollab before 9.2 could allow an attacker to gain access to a web conference due to insufficient access control for conference codes.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mitel MiCollab, MiVoice Business Express | <9.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2020-25610.
The title of this vulnerability is 'The AWV component of Mitel MiCollab before 9.2 could allow an attacker to gain access to a web conference.'
The description of this vulnerability is that the AWV component of Mitel MiCollab before 9.2 could allow an attacker to gain access to a web conference due to insufficient access control for conference codes.
The Mitel MiCollab and MiVoice Business Express software versions up to and excluding 9.2 are affected by this vulnerability.
The severity of this vulnerability is medium with a CVSS score of 5.3.
Yes, you can find more information about this vulnerability in the Mitel security advisories.