CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-16250

A vulnerability in Mitel ST 14.2, release GA28 and earlier, could allow an attacker to use the API function to enumerate through user-ids which could be used to identify valid user ids and associated user names.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.1%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-18-0004
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-18-0004

Products affected by CVE-2017-16250

Mitel » St14.2 » Version: N/A

cpe:2.3:a:mitel:st14.2:-
Mitel » St14.2 » Version: ga28

cpe:2.3:a:mitel:st14.2:ga28

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-16250

Products

Pricing

Contact Us