📦

micloud_management_portal

Vendor: mitel

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 0 Remote Access

Total CVEs 6 Total Indexed

Avg. EPSS 9.64% Exploit Prob.

Latest CVE CVE-2020-24595 Sep 25

Security Vulnerability Index

Page 1 / 1

5.3 CVSS

CVE-2020-24595

Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control.

EPSS: 0.21%

Severity: MEDIUM

Sep 25, 2020

9.6 CVSS

CVE-2020-24594

Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session.

EPSS: 0.65%

Severity: CRITICAL

Sep 25, 2020

7.2 CVSS

CVE-2020-24593

Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation.

EPSS: 0.42%

Severity: HIGH

Sep 25, 2020

5.3 CVSS

CVE-2020-24592

Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.

EPSS: 0.21%

Severity: MEDIUM

Sep 25, 2020

5.5 CVSS

CVE-2018-3639

Exploit Found

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

EPSS: 46.73%

Severity: MEDIUM

May 22, 2018

Displaying 5 of 6 Total Entries

Total 1 Sections