9.1
CVE-2021-3352
- EPSS 1.04%
- Veröffentlicht 13.08.2021 16:15:08
- Zuletzt bearbeitet 21.11.2024 06:21:22
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access (view and modify) user data without authorization due to improper handling of tokens.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mitel ≫ Micontact Center Business Version >= 8.0.0.0 <= 8.1.4.1
Mitel ≫ Micontact Center Business Version >= 9.0.0.0 <= 9.3.1.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.04% | 0.595 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:P/A:N
|
https://www.mitel.com/support/security-advisories
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0002