Vulnerabilities > CVE-2018-19275 - Insecure Default Initialization of Resource vulnerability in Mitel CMG Suite and Inattend
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The BluStar component in Mitel InAttend before 2.5 SP3 and CMG before 8.4 SP3 Suite Servers has a default password, which could allow remote attackers to gain unauthorized access and execute arbitrary scripts with potential impacts to the confidentiality, integrity and availability of the system.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 7 |
Common Weakness Enumeration (CWE)
References
- https://www.mitel.com/-/media/mitel/pdf/security-advisories/security-bulletin-190002001-v10.pdf
- https://www.mitel.com/-/media/mitel/pdf/security-advisories/security-bulletin-190002001-v10.pdf
- https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-19-0002
- https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-19-0002