Vulnerabilities > Mitel > Micloud Management Portal > 6.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-25 | CVE-2020-24595 | Incorrect Authorization vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1 Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control. | 5.0 |
2020-09-25 | CVE-2020-24594 | Cross-site Scripting vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1 Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. | 6.8 |
2020-09-25 | CVE-2020-24593 | SQL Injection vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1 Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation. | 6.5 |
2020-09-25 | CVE-2020-24592 | Improper Encoding or Escaping of Output vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1 Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization. | 5.0 |