CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-24594

Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 69.7%

CVSS Severity

CVSS v3 Score 9.6

CVSS v2 Score 6.8

References

https://www.mitel.com/support/security-advisories
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0010
https://www.mitel.com/support/security-advisories
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0010

Products affected by CVE-2020-24594

Mitel » Micloud Management Portal » Version: N/A

cpe:2.3:a:mitel:micloud_management_portal:-
Mitel » Micloud Management Portal » Version: 5.3

cpe:2.3:a:mitel:micloud_management_portal:5.3
Mitel » Micloud Management Portal » Version: 6.0

cpe:2.3:a:mitel:micloud_management_portal:6.0
Mitel » Micloud Management Portal » Version: 6.1

cpe:2.3:a:mitel:micloud_management_portal:6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-24594

Products

Pricing

Contact Us