COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2024-55550

CVE-2024-55550

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2025-01-07
Reference
https://nvd.nist.gov/vuln/detail/CVE-2024-55550
⌖ exploited in the wild shame 80/100 ransomwareexploited-in-wild

Mitel MiCollab contains a path traversal vulnerability that could allow an authenticated attacker with administrative privileges to read local files within the system due to insufficient input sanitization. This vulnerability can be chained with CVE-2024-41713, which allows an un

Players implicated

Mitel · vendorMiCollab · product

Description

Mitel MiCollab contains a path traversal vulnerability that could allow an authenticated attacker with administrative privileges to read local files within the system due to insufficient input sanitization. This vulnerability can be chained with CVE-2024-41713, which allows an unauthenticated, remote attacker to read arbitrary files on the server.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.