Vulnerability Details CVE-2024-41714
A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 (9.8.1.5) and MiVoice Business Solution Virtual Instance (MiVB SVI) through 1.0.0.27 could allow an authenticated attacker to conduct a command injection attack, due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands with elevated privileges within the context of the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.2%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2024-41714
-
cpe:2.3:a:mitel:micollab:-
-
cpe:2.3:a:mitel:micollab:6.0
-
cpe:2.3:a:mitel:micollab:7.0
-
cpe:2.3:a:mitel:micollab:7.1
-
cpe:2.3:a:mitel:micollab:7.1.0.57
-
cpe:2.3:a:mitel:micollab:7.2
-
cpe:2.3:a:mitel:micollab:7.2.2.13
-
cpe:2.3:a:mitel:micollab:7.3
-
cpe:2.3:a:mitel:micollab:7.3.0.104
-
cpe:2.3:a:mitel:micollab:7.3.0.204
-
cpe:2.3:a:mitel:micollab:8.0
-
cpe:2.3:a:mitel:micollab:8.0.108
-
cpe:2.3:a:mitel:micollab:8.0.111
-
cpe:2.3:a:mitel:micollab:8.0.114
-
cpe:2.3:a:mitel:micollab:8.0.209
-
cpe:2.3:a:mitel:micollab:8.0.306
-
cpe:2.3:a:mitel:micollab:8.1
-
cpe:2.3:a:mitel:micollab:8.1.1
-
cpe:2.3:a:mitel:micollab:8.1.112
-
cpe:2.3:a:mitel:micollab:8.1.135
-
cpe:2.3:a:mitel:micollab:8.1.138
-
cpe:2.3:a:mitel:micollab:8.1.2
-
cpe:2.3:a:mitel:micollab:8.1.2.1
-
cpe:2.3:a:mitel:micollab:8.1.210
-
cpe:2.3:a:mitel:micollab:8.1.211
-
cpe:2.3:a:mitel:micollab:8.1.52
-
cpe:2.3:a:mitel:micollab:8.1.53
-
cpe:2.3:a:mitel:micollab:8.1.55
-
cpe:2.3:a:mitel:micollab:9.0
-
cpe:2.3:a:mitel:micollab:9.0.15
-
cpe:2.3:a:mitel:micollab:9.0.34
-
cpe:2.3:a:mitel:micollab:9.0.45
-
cpe:2.3:a:mitel:micollab:9.1
-
cpe:2.3:a:mitel:micollab:9.1.2
-
cpe:2.3:a:mitel:micollab:9.1.204
-
cpe:2.3:a:mitel:micollab:9.1.205
-
cpe:2.3:a:mitel:micollab:9.1.3
-
cpe:2.3:a:mitel:micollab:9.1.311
-
cpe:2.3:a:mitel:micollab:9.1.312
-
cpe:2.3:a:mitel:micollab:9.1.313
-
cpe:2.3:a:mitel:micollab:9.1.332
-
cpe:2.3:a:mitel:micollab:9.1.8
-
cpe:2.3:a:mitel:micollab:9.2
-
cpe:2.3:a:mitel:micollab:9.3
-
cpe:2.3:a:mitel:micollab:9.4
-
cpe:2.3:a:mitel:micollab:9.5.0.101
-
cpe:2.3:a:mitel:micollab:9.6
-
cpe:2.3:a:mitel:micollab:9.6.2.9
-
cpe:2.3:a:mitel:micollab:9.7
-
cpe:2.3:a:mitel:micollab:9.7.1.110
-
cpe:2.3:a:mitel:micollab:9.8
-
cpe:2.3:a:mitel:micollab:9.8.0.33
-
cpe:2.3:a:mitel:micollab:9.8.1.5
-
cpe:2.3:a:mitel:mivoice_business_solution_virtual_instance:1.0.0.25
-
cpe:2.3:a:mitel:mivoice_business_solution_virtual_instance:1.0.0.27