Vulnerability Details : CVE-2019-12165
MiCollab 7.3 PR2 (7.3.0.204) and earlier, 7.2 (7.2.2.13) and earlier, and 7.1 (7.1.0.57) and earlier and MiCollab AWV 6.3 (6.3.0.103), 6.2 (6.2.2.8), 6.1 (6.1.0.28), 6.0 (6.0.0.61), and 5.0 (5.0.5.7) have a Command Execution Vulnerability. Successful exploit of this vulnerability could allow an attacker to execute arbitrary system commands.
Products affected by CVE-2019-12165
- cpe:2.3:a:mitel:micollab:*:*:*:*:*:*:*:*
- cpe:2.3:a:mitel:micollab:*:*:*:*:*:*:*:*
- cpe:2.3:a:mitel:micollab:*:*:*:*:*:*:*:*
- Mitel » Micollab Audio, Web & Video ConferencingVersions from including (>=) 5.0 and up to, including, (<=) 5.0.5.7cpe:2.3:a:mitel:micollab_audio\,_web_\&_video_conferencing:*:*:*:*:*:*:*:*
- Mitel » Micollab Audio, Web & Video ConferencingVersions from including (>=) 6.3 and up to, including, (<=) 6.3.0.103cpe:2.3:a:mitel:micollab_audio\,_web_\&_video_conferencing:*:*:*:*:*:*:*:*
- Mitel » Micollab Audio, Web & Video ConferencingVersions from including (>=) 6.0 and up to, including, (<=) 6.0.0.61cpe:2.3:a:mitel:micollab_audio\,_web_\&_video_conferencing:*:*:*:*:*:*:*:*
- Mitel » Micollab Audio, Web & Video ConferencingVersions from including (>=) 6.1 and up to, including, (<=) 6.1.0.28cpe:2.3:a:mitel:micollab_audio\,_web_\&_video_conferencing:*:*:*:*:*:*:*:*
- Mitel » Micollab Audio, Web & Video ConferencingVersions from including (>=) 6.2 and up to, including, (<=) 6.2.2.8cpe:2.3:a:mitel:micollab_audio\,_web_\&_video_conferencing:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-12165
0.28%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 68 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-12165
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
References for CVE-2019-12165
Jump to