Vulnerabilities > CVE-2019-12165 - Unspecified vulnerability in Mitel Micollab and Micollab AWV

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

mitel

critical

NVD

Published: 2019-05-29

Updated: 2020-08-24

Summary

MiCollab 7.3 PR2 (7.3.0.204) and earlier, 7.2 (7.2.2.13) and earlier, and 7.1 (7.1.0.57) and earlier and MiCollab AWV 6.3 (6.3.0.103), 6.2 (6.2.2.8), 6.1 (6.1.0.28), 6.0 (6.0.0.61), and 5.0 (5.0.5.7) have a Command Execution Vulnerability. Successful exploit of this vulnerability could allow an attacker to execute arbitrary system commands.

Vulnerable Configurations

Part	Description	Count
Application	Mitel Mitel Micollab * Mitel Micollab 7.3 Mitel Micollab AWV *	4

References

https://www.mitel.com/-/media/mitel/pdf/content-entry-pdf/en-security-bulletin-17-0010-004.pdf