Micloud Management Portal
by Mitel
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-3639 | Med | 0.44 | 5.5 | 0.61 | May 22, 2018 | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis,… | ||
| CVE-2020-24595 | 0.00 | — | 0.01 | Sep 25, 2020 | Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control. | |||
| CVE-2020-24594 | 0.00 | — | 0.02 | Sep 25, 2020 | Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session. | |||
| CVE-2020-24593 | 0.00 | — | 0.01 | Sep 25, 2020 | Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation. | |||
| CVE-2020-24592 | 0.00 | — | 0.01 | Sep 25, 2020 | Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization. |
- risk 0.44cvss 5.5epss 0.61
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis,…
- CVE-2020-24595Sep 25, 2020risk 0.00cvss —epss 0.01
Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control.
- CVE-2020-24594Sep 25, 2020risk 0.00cvss —epss 0.02
Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session.
- CVE-2020-24593Sep 25, 2020risk 0.00cvss —epss 0.01
Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation.
- CVE-2020-24592Sep 25, 2020risk 0.00cvss —epss 0.01
Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.