CVE-2024-55550 — Vulnetix

CVE-2024-55550 PUBLISHED KEV

Es existiert eine Path-Traversal Schwachstelle in Mitel MiCollab aufgrund einer unzureichenden EIngabevalidierung. Ein entfernter, authentisierter Angreifer mit administrativen Rechten kann dies ausnutzen, um Informationen offenzulegen.

EPSS 17.72% · 95.2th percentile

Risk Scores

EPSS Score

17.72%

95.2th percentile

Affected Products

Vendor	Product	Versions
Mitel	Mitel MiCollab <9.8 SP2 (9.8.2.12)

Timeline

Oct 9, 2024 CVE Published
Dec 5, 2024 PoC Published
Dec 5, 2024 PoC Published
Dec 5, 2024 PoC Published
Dec 5, 2024 PoC Published
Dec 5, 2024 PoC Published
Dec 11, 2024 VulnCheck KEV Exploitation
Dec 11, 2024 EPSS Score
Dec 15, 2024 PoC Published
Jan 3, 2025 PoC Published
Jan 7, 2025 CISA KEV Added
Jan 7, 2025 PoC Published

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3141.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3141 advisory
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-misa-2024-0025 advisory
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-misa-2024-0026 advisory
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-misa-2024-0027 advisory
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-misa-2024-0028 advisory
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-misa-2024-0029 advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog exploit

Open in Interactive Console →