CVE-2024-55550: Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative privilege to conduct a local file read, due to...

0.0 CVSS

Description

Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative privilege to conduct a local file read, due to insufficient input sanitization. A successful exploit could allow the authenticated admin attacker to access resources that are constrained to the admin access level, and the disclosure is limited to non-sensitive system information. This vulnerability does not allow file modification or privilege escalation.

Known Exploited

🚨 Marked as known exploited on January 7th, 2025 (3 months ago).

Classification

CVE ID: CVE-2024-55550

CVSS Base Severity: LOW

CVSS Base Score: 0.0

CVSS Vector:

Affected Products

Vendor: n/a

Product: n/a

Nuclei Template

http/cves/2024/CVE-2024-55550.yaml

Exploit Prediction Scoring System (EPSS)

EPSS Score: 42.72% (probability of being exploited)

EPSS Percentile: 97.44% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://www.mitel.com/support/security-advisories
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029

Timeline

2024-12-11 00:31:11 UTC
CVE

Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative privilege to conduct a local file read, due to...
2025-01-07 15:15:12 UTC
CISA KEV

Mitel MiCollab Path Traversal Vulnerability
2025-01-07 15:16:41 UTC
🚨 Marked as Known Exploited