Vulnerability Description
The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated attacker to upload arbitrary scripts due to improper authorization controls. A successful exploit could allow remote code execution within the context of the application.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mitel | Micollab | <= 9.6.0.105 |
Related Weaknesses (CWE)
References
- https://www.mitel.com/support/security-advisoriesVendor Advisory
- https://www.mitel.com/support/security-advisories/mitel-product-security-advisorMitigationVendor Advisory
- https://www.mitel.com/support/security-advisoriesVendor Advisory
- https://www.mitel.com/support/security-advisories/mitel-product-security-advisorMitigationVendor Advisory
FAQ
What is CVE-2022-41326?
CVE-2022-41326 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated attacker to upload arbitrary scripts due to improper authorization controls. A successful exploit could...
How severe is CVE-2022-41326?
CVE-2022-41326 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-41326?
Check the references section above for vendor advisories and patch information. Affected products include: Mitel Micollab.