3 matches found
CVE-2018-18286
CVE-2018-18286 affects CMG Suite 8.4 SP2 and earlier. The vulnerability arises from insufficient input validation in the changepwd interface, enabling an unauthenticated attacker to perform SQL injection. Consequences described include extraction of sensitive database data and execution of arbitr...
CVE-2018-19275
Summary (CVE-2018-19275): The BluStar component in Mitel InAttend before 2.5 SP3 and CMG before 8.4 SP3 Suite Servers exposes a default password that could allow remote attackers to gain unauthorized access and execute arbitrary scripts, potentially impacting confidentiality, integrity, and avail...
CVE-2018-18285
CVE-2018-18285 affects CMG Suite up to version 8.4 SP2. The vulnerability is a SQL injection in the login interface caused by insufficient input validation, allowing an unauthenticated attacker to extract sensitive data from the database and, in some cases, execute arbitrary scripts. The NVD metr...