Lucene search

[email protected]NVD:CVE-2020-24693

HistoryDec 18, 2020 - 8:15 a.m.

CVE-2020-24693

2020-12-1808:15:13

[email protected]

web.nvd.nist.gov

mitel

micontact center

ignite portal

vulnerability

system information

output sanitization

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

3.6

Confidence

High

EPSS

Percentile

5.1%

JSON

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization.

Affected configurations

Nvd

Node

mitelmicontact_center_businessRange<9.3.0.0

VendorProductVersionCPE
mitelmicontact_center_business*cpe:2.3:a:mitel:micontact_center_business:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mitel	micontact_center_business	*	cpe:2.3:a:mitel:micontact_center_business::::::::

References

www.mitel.com/support/security-advisories

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

3.6

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2020-24693

prion1 cve1 cvelist1