CVE-2019-19608

Name of the Vulnerable Software and Affected Versions Mitel MiCollab AWV versions prior to 8.1.2.2

Description A SQL injection issue exists due to insufficient input validation for the "registeredList.cgi" page, allowing an unauthenticated attack. This could enable an attacker to extract sensitive information from the database and execute arbitrary scripts.

Recommendations For versions prior to 8.1.2.2, update to version 8.1.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the registeredList.cgi page to minimize the risk of exploitation.