Vulnerability Description
A remote code execution vulnerability in UCB component of Mitel MiVoice Connect before 19.1 SP1 could allow an unauthenticated remote attacker to execute arbitrary scripts due to insufficient validation of URL parameters. A successful exploit could allow an attacker to gain access to sensitive information.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mitel | Mivoice Connect | < 22.11.4900.0 |
Related Weaknesses (CWE)
References
- https://www.mitel.com/support/security-advisoriesVendor Advisory
- https://www.mitel.com/support/security-advisories/mitel-product-security-advisorVendor Advisory
- https://www.mitel.com/support/security-advisoriesVendor Advisory
- https://www.mitel.com/support/security-advisories/mitel-product-security-advisorVendor Advisory
FAQ
What is CVE-2020-10211?
CVE-2020-10211 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A remote code execution vulnerability in UCB component of Mitel MiVoice Connect before 19.1 SP1 could allow an unauthenticated remote attacker to execute arbitrary scripts due to insufficient validati...
How severe is CVE-2020-10211?
CVE-2020-10211 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-10211?
Check the references section above for vendor advisories and patch information. Affected products include: Mitel Mivoice Connect.