First published: Fri Dec 18 2020(Updated: )
The online help portal of Mitel MiCollab before 9.2 could allow an attacker to redirect a user to an unauthorized website by executing malicious script due to insufficient access control.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mitel MiCollab, MiVoice Business Express | <9.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this vulnerability is CVE-2020-27340.
The title of this vulnerability is 'The online help portal of Mitel MiCollab before 9.2 could allow an attacker to redirect a user to an…'
The description of this vulnerability is 'The online help portal of Mitel MiCollab before 9.2 could allow an attacker to redirect a user to an unauthorized website by executing malicious script due to insufficient access control.'
The software affected by this vulnerability is Mitel MiCollab and MiVoice Business Express.
The severity of CVE-2020-27340 is medium with a CVSS score of 6.1.
This vulnerability can be exploited by an attacker executing malicious script on the online help portal of Mitel MiCollab before version 9.2.
Yes, the fix for this vulnerability is to upgrade to version 9.2 or later of Mitel MiCollab.
You can find more information about this vulnerability on the Mitel website at https://www.mitel.com/support/security-advisories.