CVE-2022-36454
First published: Tue Oct 25 2022(Updated: )
A vulnerability in the MiCollab Client API of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to impersonate another user's name.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitel MiCollab | <=9.5.0.101 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-36454.
What is the affected software?
The affected software is Mitel MiCollab through version 9.5.0.101.
What is the severity of CVE-2022-36454?
The severity of CVE-2022-36454 is medium with a severity score of 6.5.
What can an attacker do with this vulnerability?
An authenticated attacker could modify their profile parameters and impersonate another user's name.
How can I fix the vulnerability in Mitel MiCollab?
To fix the vulnerability, it is recommended to update Mitel MiCollab to a version beyond 9.5.0.101.
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/mitel
- canonical/mitel micollab
- version/mitel micollab/9.5.0.101