NVD Vulnerability Detail

CVE-2024-41713

Summary	A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to view, corrupt, or delete users' data and system configurations.
Publication Date	Oct. 22, 2024, 6:15 a.m.
Registration Date	Oct. 22, 2024, noon
Last Update	Oct. 24, 2024, 12:12 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029

Common Vulnerabilities List

JVN Vulnerability Information

Mitel Networks Corporation の MiCollab におけるパストラバーサルの脆弱性

Title	Mitel Networks Corporation の MiCollab におけるパストラバーサルの脆弱性
Summary	Mitel Networks Corporation の MiCollab には、パストラバーサルの脆弱性が存在します。
Possible impacts	情報を取得される、および情報を改ざんされる可能性があります。
Solution	ベンダアドバイザリまたはパッチ情報が公開されています。参考情報を参照して適切な対策を実施してください。
Publication Date	Oct. 21, 2024, midnight
Registration Date	Jan. 9, 2025, 5:29 p.m.
Last Update	Jan. 9, 2025, 5:29 p.m.

Affected System

Mitel Networks Corporation

MiCollab 9.8.1.201 およびそれ以前

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
CISA Known Exploited Vulnerabilities Catalog
1	CVE-2024-41713	https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Common Vulnerabilities and Exposures (CVE)
2	CVE-2024-41713	https://www.cve.org/CVERecord?id=CVE-2024-41713
National Vulnerability Database (NVD)
3	CVE-2024-41713	https://nvd.nist.gov/vuln/detail/CVE-2024-41713

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-22	https://jvndb.jvn.jp/ja/cwe/CWE-22.html

その他

No	Name	URL
関連文書
1	www.mitel.com (mitel-product-security-advisory-misa-2024-0029)	https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029

Change Log

No	Changed Details	Date of change
1	[2025年01月09日] 掲載	Jan. 9, 2025, 5:29 p.m.