+31 88 235 6483
+31 88 235 6483
Contact Center
Samenwerken
Zakelijke telefoonsystemen
Devices & accessoires
Vragen of opmerkingen?
+31 88 235 6483
Uw zakelijke behoefte
Uw branche
Organisatiegrootte
Onze diensten
Onze producten
Support voor klanten
Trainingen voor klanten
Partner support
Contact
Vragen of opmerkingen?
+31 88 235 6483
Blog
Over Mitel
Vacatures
Case studies
Resource center
Advisory ID: 16-0018
Publish Date: 2016-11-04
Revision: 1.0
Summary
A vulnerability in the MiCollab Client Web Portal service has been identified, allowing authenticated users to place calls using a different user’s account.
Credit is given to Michiel Singor for the discovery
Detailed Description
This vulnerability makes it possible to place calls from a variable source to a variable destination without validating the source of the POST
Using the REST interface, a user can use the authorization header using tool such as curl. Using the SOAP interface, tool such as SOAP UI can be used to be used to exploit it with user/password.
Affected Products
The following products were identified as affected:
| Product Name | Product Versions | Security Bulletin | Last Updated |
| MiCollab | 6.0 SP1 and earlier | n/a | 2016-11-04 |
Risk Assessment
This vulnerability has been assessed as having a CVSS v2 Base Score of 4.9 with low risk. An attacker would need access to a valid account to misuse any privileged features, including the ability to conduct Toll-Fraud.
| CVSS v2.0 OVERALL SCORE: | 4.9 |
| CVSS v2.0 VECTOR: | AV:N/AC:M/Au:S/C:P/I:P/A:N |
| CVSS BASE SCORE: | 4.9 |
| CVSS TEMPORAL SCORE: | not provided |
| CVSS ENVIRONMENTAL SCORE: | not provided |
| OVERALL RISK LEVEL: | Low |
Mitigation / Recommended Action
This issue has been corrected in vMAS 7.2.0.5 and vUCA 7.2.0.33. Administrators of older product versions should ensure that only trusted users are granted permissions to use affected versions of the MiCollab applications.
External References
https://cwe.mitre.org/data/definitions/284.htm
Related CVEs / CWEs / Advisories
CWE-284