CVE-2024-30158

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions through 9.7.1.110

Description: A vulnerability in the web conferencing component could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary database and management operations.

Recommendations: For Mitel MiCollab versions through 9.7.1.110, update to a version that contains a fix for this issue to prevent SQL Injection attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.