CVE-2022-36454

Name of the Vulnerable Software and Affected Versions Mitel MiCollab versions through 9.5.0.101

Description A vulnerability in the MiCollab Client API could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. This could allow the attacker to impersonate another user's name.

Recommendations For versions through 9.5.0.101, update to a version that includes proper authorization controls to prevent profile parameter modification. At the moment, there is no information about a newer version that contains a fix for this vulnerability.