Multiple vulnerabilities in Mitel MiCollab
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2022-36451 CVE-2022-36452 CVE-2022-36453 CVE-2022-36454 |
| CWE-ID | CWE-918 CWE-434 CWE-285 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
MiCollab Server applications / Conferencing, Collaboration and VoIP solutions |
| Vendor | Mitel |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Server-Side Request Forgery (SSRF)
EUVDB-ID: #VU66158
Risk: Medium
CVSSv3.1: 5.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-36451
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input in the MiCollab Client server component. A remote user can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMiCollab: 9.5.0.101
External linkshttp://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0006
http://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin-22-0006-002.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Arbitrary file upload
EUVDB-ID: #VU66159
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-36452
CWE-ID:
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file during file upload in the web conferencing componen. A remote attacker on the local network can upload a malicious file and execute it on the server.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMiCollab: 9.5.0.101
External linkshttp://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0006
http://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin-22-0006-001.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper Authorization
EUVDB-ID: #VU66160
Risk: Medium
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-36453
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authorization checks.
The vulnerability exists due to an incorrect authorization check in the MiCollab Client API. A remote user can control another extension number.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMiCollab: 9.5.0.101
External linkshttp://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0006
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper Authorization
EUVDB-ID: #VU66161
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-36454
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authorization checks.
The vulnerability exists due to an incorrect authorization check in the MiCollab Client API. A remote user can impersonate another user’s name.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMiCollab: 9.5.0.101
External linkshttp://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0006
http://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin-22-0006-003.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
