PT-2021-11787 · Mitel · Nupoint Messenger+1

Published

2021-01-29

Updated

2021-07-21

CVE-2020-35547

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions prior to 9.2 FP1

Description: The issue allows an unauthenticated attacker to gain access to user data, including the ability to view and modify it. This is due to a problem with a library index page in NuPoint Messenger.

Recommendations: For versions prior to 9.2 FP1, update to version 9.2 FP1 or later to resolve the issue. As a temporary workaround, consider restricting access to the NuPoint Messenger library index page to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-35547

Affected Products

Mitel Micollab

Nupoint Messenger

PT-2021-11787 · Mitel · Nupoint Messenger+1

CVE-2020-35547

Related Identifiers

Affected Products

References · 6