Vulnerability Details : CVE-2020-11797
An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an unauthenticated attacker to gain access to unauthorized information due to insufficient access validation. A successful exploit could allow an attacker to access sensitive shared files.
Products affected by CVE-2020-11797
- Mitel » Micollab Audio, Web & Video ConferencingVersions from including (>=) 9.0 and before (<) 9.1.3cpe:2.3:a:mitel:micollab_audio\,_web_\&_video_conferencing:*:*:*:*:*:*:*:*
- cpe:2.3:a:mitel:micollab_audio\,_web_\&_video_conferencing:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-11797
0.20%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 57 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-11797
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
References for CVE-2020-11797
-
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0005
Vendor Advisory
-
https://www.mitel.com/support/security-advisories
Security AdvisoriesVendor Advisory
Jump to