CVE-2024-55550

MEDIUM Year: 2024
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-22
View all →

Vulnerability Description

Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative privilege to conduct a local file read, due to insufficient input sanitization. A successful exploit could allow the authenticated admin attacker to access resources that are constrained to the admin access level, and the disclosure is limited to non-sensitive system information. This vulnerability does not allow file modification or privilege escalation.

Related Vulnerabilities

CVE-2019-15266

MEDIUM
CVSS:4.4(Medium)

A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. This vulnerability is due to imp...

CWE-222019

CVE-2019-1835

MEDIUM
CVSS:4.4(Medium)

A vulnerability in the CLI of Cisco Aironet Access Points (APs) could allow an authenticated, local attacker to access sensitive information stored in an AP. The vulnerability is due to improper sanit...

CWE-222019

CVE-2021-1436

MEDIUM
CVSS:4.4(Medium)

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected syste...

CWE-222021

CVE-2021-44111

MEDIUM
CVSS:4.4(Medium)

A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup.

CWE-222021

CVE-2022-20449

MEDIUM
CVSS:4.4(Medium)

In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execu...

CWE-222022

CVE-2022-22821

MEDIUM
CVSS:4.4(Medium)

NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available.

CWE-222022