CVE-2019-19607

A SQL injection vulnerability in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the session parameter. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts.
Configurations

Configuration 1

cpe:2.3:a:mitel:micollab_audio,_web_&_video_conferencing:*:*:*:*:*:*:*:*
cpe:2.3:a:mitel:micollab_audio,_web_&_video_conferencing:*:*:*:*:*:*:*:*

Information

Published : 2020-03-02 06:15

Updated : 2020-03-04 09:05


NVD link : CVE-2019-19607

Mitre link : CVE-2019-19607

Products Affected
No products.
CWE