Vulnerabilities > Mitel > Micloud Management Portal > 5.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-25 | CVE-2020-24595 | Unspecified vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1 Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control. | 5.3 |
2020-09-25 | CVE-2020-24594 | Cross-site Scripting vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1 Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. | 9.6 |
2020-09-25 | CVE-2020-24593 | SQL Injection vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1 Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation. | 7.2 |
2020-09-25 | CVE-2020-24592 | Improper Encoding or Escaping of Output vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1 Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization. | 5.3 |