CVE-2020-11797

An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an unauthenticated attacker to gain access to unauthorized information due to insufficient access validation. A successful exploit could allow an attacker to access sensitive shared files.

Published: Aug 26, 2020
Updated: Apr 13, 2023
CVE: CVE-2020-11797
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mitel / micollab_audio,_web_&_video_conferencing	9.0	9.1.3
mitel / micollab_audio,_web_&_video_conferencing	-	8.1.2.4

https://www.mitel.com/support/security-advisories
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0005

Vulnerability Database

289,871

CVE-2020-11797