PT-2020-15755 · Mitel · Mitel Micloud Management Portal

Published

2020-09-25

·

Updated

2020-09-30

·

CVE-2020-24592

CVSS v3.1

5.3

Medium

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions Mitel MiCloud Management Portal versions prior to 6.1 SP5
Description The issue allows an attacker to view system information by sending a crafted request due to insufficient output sanitization.
Recommendations For versions prior to 6.1 SP5, update to version 6.1 SP5 or later to resolve the issue.

Fix

Improper Encoding or Escaping of Output

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-116

Related Identifiers

CVE-2020-24592

Affected Products

Mitel Micloud Management Portal