Vulnerability Description
An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an unauthenticated attacker to gain access to unauthorized information due to insufficient access validation. A successful exploit could allow an attacker to access sensitive shared files.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mitel | Micollab Audio\, Web \& Video Conferencing | < 8.1.2.4 |
References
- https://www.mitel.com/support/security-advisoriesVendor Advisory
- https://www.mitel.com/support/security-advisories/mitel-product-security-advisorVendor Advisory
- https://www.mitel.com/support/security-advisoriesVendor Advisory
- https://www.mitel.com/support/security-advisories/mitel-product-security-advisorVendor Advisory
FAQ
What is CVE-2020-11797?
CVE-2020-11797 is a vulnerability with a CVSS score of 7.5 (HIGH). An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an unauthenticated attacker to gain...
How severe is CVE-2020-11797?
CVE-2020-11797 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-11797?
Check the references section above for vendor advisories and patch information. Affected products include: Mitel Micollab Audio\, Web \& Video Conferencing.