CVE-2019-12165

MiCollab 7.3 PR2 (7.3.0.204) and earlier, 7.2 (7.2.2.13) and earlier, and 7.1 (7.1.0.57) and earlier and MiCollab AWV 6.3 (6.3.0.103), 6.2 (6.2.2.8), 6.1 (6.1.0.28), 6.0 (6.0.0.61), and 5.0 (5.0.5.7) have a Command Execution Vulnerability. Successful exploit of this vulnerability could allow an attacker to execute arbitrary system commands.

Published: May 29, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-12165
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mitel / micollab	7.1	7.1.0.57.x
mitel / micollab	7.2	7.2.2.13.x
mitel / micollab	7.3	7.3.0.204.x
mitel / micollab_audio,_web_&_video_conferencing	5.0	5.0.5.7.x
mitel / micollab_audio,_web_&_video_conferencing	6.0	6.0.0.61.x
mitel / micollab_audio,_web_&_video_conferencing	6.1	6.1.0.28.x
mitel / micollab_audio,_web_&_video_conferencing	6.2	6.2.2.8.x
mitel / micollab_audio,_web_&_video_conferencing	6.3	6.3.0.103.x

https://www.mitel.com/-/media/mitel/pdf/content-entry-pdf/en-security-bulletin-17-0010-004.pdf

Vulnerability Database

289,784

CVE-2019-12165