Vulnerabilities > CVE-2018-19275 - Insecure Default Initialization of Resource vulnerability in Mitel CMG Suite and Inattend

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
mitel
CWE-1188
critical

Summary

The BluStar component in Mitel InAttend before 2.5 SP3 and CMG before 8.4 SP3 Suite Servers has a default password, which could allow remote attackers to gain unauthorized access and execute arbitrary scripts with potential impacts to the confidentiality, integrity and availability of the system.

Vulnerable Configurations

Part Description Count
Application
Mitel
7