When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Two of the three flaws are found in Mitels MiCollab unified communications platform.
One is a critical path traversal vulnerability, tracked as CVE-2024-41713.
By abusing this bug, threat actors can run admin actions and access user and online grid information.
This vulnerability is exploitable without authentication," MiCollab said.
The second bug is tracked as CVE-2024-55550, another path traversal vulnerability granting admin privileges.
Therefore, the severity of this bug was assigned to medium - 4.4/10.
The third bug is found in Oracle WebLogic Server, and is tracked as CVE-2020-2883.
It was patched in April 2020, and grants threat actors the ability to remotely access vulnerable endpoints.
Mitels MiCollab is a popularunified communicationsplatform, and as such - a major target for cybercriminals.
ViaBleepingComputer
