First published: Fri Dec 18 2020(Updated: )
The NuPoint Messenger of Mitel MiCollab before 9.2 could allow an attacker with escalated privilege to access user files due to insufficient access control. Successful exploit could potentially allow an attacker to gain access to sensitive information.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mitel MiCollab, MiVoice Business Express | <9.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-25612 is a vulnerability in the NuPoint Messenger of Mitel MiCollab before version 9.2 that could allow an attacker with escalated privilege to access user files due to insufficient access control.
The severity of CVE-2020-25612 is medium, with a severity value of 4.9.
CVE-2020-25612 affects Mitel MiCollab before version 9.2 by allowing an attacker with escalated privilege to access user files due to insufficient access control.
An attacker with escalated privilege can exploit CVE-2020-25612 by gaining access to user files through the NuPoint Messenger of Mitel MiCollab before version 9.2.
Yes, upgrading Mitel MiCollab to version 9.2 or later fixes the vulnerability CVE-2020-25612.