CVE-2019-12165

MiCollab 7.3 PR2 (7.3.0.204) and earlier, 7.2 (7.2.2.13) and earlier, and 7.1 (7.1.0.57) and earlier and MiCollab AWV 6.3 (6.3.0.103), 6.2 (6.2.2.8), 6.1 (6.1.0.28), 6.0 (6.0.0.61), and 5.0 (5.0.5.7) have a Command Execution Vulnerability. Successful exploit of this vulnerability could allow an attacker to execute arbitrary system commands.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
VendorProductVersion
mitelmicollab
7.1 ≤
𝑥
≤ 7.1.0.57
mitelmicollab
7.2 ≤
𝑥
≤ 7.2.2.13
mitelmicollab
7.3 ≤
𝑥
≤ 7.3.0.204
mitelmicollab_audio\,_web_\&_video_conferencing
5.0 ≤
𝑥
≤ 5.0.5.7
mitelmicollab_audio\,_web_\&_video_conferencing
6.0 ≤
𝑥
≤ 6.0.0.61
mitelmicollab_audio\,_web_\&_video_conferencing
6.1 ≤
𝑥
≤ 6.1.0.28
mitelmicollab_audio\,_web_\&_video_conferencing
6.2 ≤
𝑥
≤ 6.2.2.8
mitelmicollab_audio\,_web_\&_video_conferencing
6.3 ≤
𝑥
≤ 6.3.0.103
𝑥
= Vulnerable software versions
References
https://www.mitel.com/-/media/mitel/pdf/content-entry-pdf/en-security-bulletin-17-0010-004.pdf
https://www.mitel.com/-/media/mitel/pdf/content-entry-pdf/en-security-bulletin-17-0010-004.pdf