CVE-2021-37586: Input Validation
First published: Fri Aug 13 2021(Updated: )
The PowerPlay Web component of Mitel Interaction Recording Multitenancy systems before 6.7 could allow a user (with Administrator rights) to replay a previously recorded conversation of another tenant due to insufficient validation.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitel Interaction Recording | <6.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-37586?
CVE-2021-37586 is a vulnerability that allows a user with Administrator rights to replay a previously recorded conversation of another tenant in Mitel Interaction Recording Multitenancy systems before version 6.7.
What is the severity of CVE-2021-37586?
CVE-2021-37586 has a severity level of medium, with a CVSS score of 4.9.
Which software versions are affected by CVE-2021-37586?
Mitel Interaction Recording Multitenancy systems before version 6.7 are affected by CVE-2021-37586.
How can a user exploit CVE-2021-37586?
A user with Administrator rights can exploit CVE-2021-37586 by replaying a previously recorded conversation of another tenant due to insufficient validation.
Is there a Mitel security advisory for CVE-2021-37586?
Yes, Mitel has released a security advisory for CVE-2021-37586. You can find it at the following link: [Mitel Security Advisories](https://www.mitel.com/support/security-advisories)
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/mitel
- canonical/mitel interaction recording