What is the severity of CVE-2024-35315?

CVE-2024-35315 is classified as a privilege escalation vulnerability which can have a significant impact on affected systems.

How do I fix CVE-2024-35315?

To mitigate CVE-2024-35315, users should upgrade to the latest version of Mitel MiCollab or MiVoice Business Solution Virtual Instance that addresses the vulnerability.

Who is affected by CVE-2024-35315?

CVE-2024-35315 affects Mitel MiCollab up to version 9.7.1.110 and all versions of Mitel MiVoice Business Solution Virtual Instance.

What attacks can be executed through CVE-2024-35315?

CVE-2024-35315 allows an authenticated attacker to perform privilege escalation attacks due to improper file validation.

Is CVE-2024-35315 a remote or local vulnerability?

CVE-2024-35315 requires local access as it is an authenticated privilege escalation vulnerability.

Vulnerability/
CVE-2024-35315

medium

5.6

CWE

21/10/2024

23/10/2024

CVE-2024-35315: Code Injection

First published: Mon Oct 21 2024(Updated: )

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker to run arbitrary code with elevated privileges.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Mitel MiCollab	<=9.7.1.110
Mitel MiVoice Business Solution

Never miss a vulnerability like this again

Reference Links

https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0016

Frequently Asked Questions

What is the severity of CVE-2024-35315?
CVE-2024-35315 is classified as a privilege escalation vulnerability which can have a significant impact on affected systems.
How do I fix CVE-2024-35315?
To mitigate CVE-2024-35315, users should upgrade to the latest version of Mitel MiCollab or MiVoice Business Solution Virtual Instance that addresses the vulnerability.
Who is affected by CVE-2024-35315?
CVE-2024-35315 affects Mitel MiCollab up to version 9.7.1.110 and all versions of Mitel MiVoice Business Solution Virtual Instance.
What attacks can be executed through CVE-2024-35315?
CVE-2024-35315 allows an authenticated attacker to perform privilege escalation attacks due to improper file validation.
Is CVE-2024-35315 a remote or local vulnerability?
CVE-2024-35315 requires local access as it is an authenticated privilege escalation vulnerability.

agent/references
agent/description
agent/type
agent/first-publish-date
agent/author
collector/nvd-api
source/NVD
agent/last-modified-date
agent/weakness
agent/severity
agent/event
collector/mitre-cve
source/MITRE
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/mitel
canonical/mitel micollab
canonical/mitel mivoice business solution

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.