CVE-2022-36453
First published: Tue Oct 25 2022(Updated: )
A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to control another extension number.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitel MiCollab | >=9.1.3<=9.5.0.101 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-36453.
What is the severity of CVE-2022-36453?
The severity of CVE-2022-36453 is high with a CVSS score of 8.8.
How does CVE-2022-36453 affect Mitel MiCollab?
CVE-2022-36453 affects Mitel MiCollab versions 9.1.3 through 9.5.0.101.
What can an authenticated attacker do with CVE-2022-36453?
An authenticated attacker can modify their profile parameters and control another extension number.
How can I fix CVE-2022-36453?
Mitel has released security advisories and updates to address CVE-2022-36453. Please refer to Mitel's support website for more information.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/mitel
- canonical/mitel micollab
- version/mitel micollab/9.1.3
- version/mitel micollab/9.5.0.101