CVE-2024-30157

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions 9.7.1.110 and earlier

Description: A vulnerability in the Suite Applications Services component could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary database and management operations.

Recommendations: For Mitel MiCollab versions 9.7.1.110 and earlier, update to a version later than 9.7.1.110 to resolve the issue. As a temporary workaround, consider restricting access to the Suite Applications Services component to minimize the risk of exploitation. Additionally, review logs for signs of exploit and patch immediately when a fix becomes available.