MiCollab Client Web Portal Call Service Vulnerability

Advisory ID: 16-0018
Publish Date: 2016-11-04
Revision: 1.0

Summary

A vulnerability in the MiCollab Client Web Portal service has been identified, allowing authenticated users to place calls using a different user’s account.

Credit is given to Michiel Singor for the discovery

Detailed Description

This vulnerability makes it possible to place calls from a variable source to a variable destination without validating the source of the POST

Using the REST interface, a user can use the authorization header using tool such as curl. Using the SOAP interface, tool such as SOAP UI can be used to be used to exploit it with user/password.

Affected Products

The following products were identified as affected:

Product Name   Product Versions   Security Bulletin   Last Updated 
 MiCollab  6.0 SP1 and earlier  n/a 2016-11-04

Risk Assessment

This vulnerability has been assessed as having a CVSS v2 Base Score of 4.9 with low risk. An attacker would need access to a valid account to misuse any privileged features, including the ability to conduct Toll-Fraud.

CVSS v2.0 OVERALL SCORE:   4.9 
CVSS v2.0 VECTOR:   AV:N/AC:M/Au:S/C:P/I:P/A:N 
CVSS BASE SCORE:   4.9 
CVSS TEMPORAL SCORE:   not provided 
CVSS ENVIRONMENTAL SCORE:  not provided 
OVERALL RISK LEVEL:   Low 


Mitigation / Recommended Action

This issue has been corrected in vMAS 7.2.0.5 and vUCA 7.2.0.33. Administrators of older product versions should ensure that only trusted users are granted permissions to use affected versions of the MiCollab applications.

External References

https://cwe.mitre.org/data/definitions/284.htm

Related CVEs / CWEs / Advisories

CWE-284


Neem contact op met Mitel
Vind een partner +31 (0)88 235 6483 Contact