Vulnerabilities > CVE-2021-26714 - Unspecified vulnerability in Mitel Micontact Center Enterprise 9.3

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

mitel

critical

NVD

Published: 2021-03-29

Updated: 2022-06-28

Summary

The Enterprise License Manager portal in Mitel MiContact Center Enterprise before 9.4 could allow a user to access restricted files and folders due to insufficient access control. A successful exploit could allow an attacker to view and modify application data via Directory Traversal.

Vulnerable Configurations

Part	Description	Count
Application	Mitel Mitel Micontact Center Enterprise - Mitel Micontact Center Enterprise 9.3	2

References

https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0003