← back
CVE-2024-41712

CVE-2024-41712

CVSS 6.6 MEDIUMEPSS 0.5%CWE-94
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.6EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
21 Oct 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow an authenticated attacker to conduct a command injection attack, due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary commands on the system within the context of the user.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Affected products
n/a · n/a