CVE-2024-47912

HIGH Year: 2024
CVSS v3 Score
8.2
High
Weakness Type
CWE-306
View all →

Vulnerability Description

A vulnerability in the AWV (Audio, Web, and Video) Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to perform unauthorized data-access attacks due to missing authentication mechanisms. A successful exploit could allow an attacker to access and delete sensitive information.

Related Vulnerabilities

CVE-2019-12105

HIGH
CVSS:8.2(High)

In Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. Note: The maintainer responded that the affected component, inet_http_server, is not enabled by default bu...

CWE-3062019

CVE-2019-17353

HIGH
CVSS:8.2(High)

An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN,...

CWE-3062019

CVE-2019-6820

HIGH
CVSS:8.2(High)

A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specif...

CWE-3062019

CVE-2021-27963

HIGH
CVSS:8.2(High)

SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g., SuperAdmin). An anonymous user can send a POST request to /User/saveUser without any authentication or sess...

CWE-3062021

CVE-2022-34321

HIGH
CVSS:8.2(High)

Improper Authentication vulnerability in Apache Pulsar Proxy allows an attacker to connect to the /proxy-stats endpoint without authentication. The vulnerable endpoint exposes detailed statistics abou...

CWE-3062022

CVE-2023-23444

HIGH
CVSS:8.2(High)

Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 11...

CWE-3062023