CVE-2019-19608

A SQL injection vulnerability in in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the registeredList.cgi page. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts.
Configurations

Configuration 1

cpe:2.3:a:mitel:micollab_audio,_web_&_video_conferencing:*:*:*:*:*:*:*:*
cpe:2.3:a:mitel:micollab_audio,_web_&_video_conferencing:*:*:*:*:*:*:*:*

Information

Published : 2020-03-02 06:15

Updated : 2020-03-04 05:05


NVD link : CVE-2019-19608

Mitre link : CVE-2019-19608

Products Affected
No products.
CWE