A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary database and management operations.
Metrics
Affected Vendors & Products
References
History
Mon, 09 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Mitel micollab
|
|
CPEs | cpe:2.3:a:mitel:micollab:-:*:*:*:*:*:*:* | |
Vendors & Products |
Mitel micollab Nupoint Messanger
|
Mitel micollab
|
Tue, 22 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Mitel
Mitel micollab Nupoint Messanger |
|
Weaknesses | CWE-89 | |
CPEs | cpe:2.3:a:mitel:micollab_nupoint_messanger:*:*:*:*:*:*:*:* | |
Vendors & Products |
Mitel
Mitel micollab Nupoint Messanger |
|
Metrics |
cvssV3_1
|
Mon, 21 Oct 2024 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary database and management operations. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-10-21T00:00:00
Updated: 2024-12-10T04:55:53.023Z
Reserved: 2024-05-15T00:00:00
Link: CVE-2024-35286
Vulnrichment
Updated: 2024-10-22T13:57:05.460Z
NVD
Status : Awaiting Analysis
Published: 2024-10-21T21:15:05.367
Modified: 2024-10-23T15:12:34.673
Link: CVE-2024-35286
Redhat
No data.