Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 contain a vulnerability in the TP-240 component caused by improper handling, letting remote attackers obtain sensitive information and cause denial of service, exploit requires remote access.
PoC代码[已公开]
id: CVE-2022-26143
info:
name: Mitel MiCollab - Information Disclosure & Denial of Service
author: theamanrawat
severity: critical
description: |
Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 contain a vulnerability in the TP-240 component caused by improper handling, letting remote attackers obtain sensitive information and cause denial of service, exploit requires remote access.
impact: |
Attackers can retrieve sensitive information and cause performance degradation or denial of service, including DDoS attacks.
remediation: |
Update to version 9.4 SP1 FP1 or later for MiCollab, and latest version for MiVoice Business Express.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2022-26143
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2022-26143
epss-score: 0.89199
epss-percentile: 0.99518
cwe-id: CWE-306
cpe: cpe:2.3:a:mitel:micollab:9.4:-:*:*:*:-:*:*
metadata:
verified: true
shodan-query: html:"MiCollab End User Portal"
max-request: 1
tags: cve,cve2022,mitel,micollab,kev,passive,vkev
http:
- raw:
- |
GET /ucs/micollab/version.json HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains(body, "\"version\":")'
- 'compare_versions(version, "< 9.4.0")'
condition: and
extractors:
- type: json
name: version
json:
- '.version'
# digest: 4a0a00473045022100f80f2641720bb6fee7909b06cb2485c1eb0b4def95365c8585ce70dbd7fa19c1022007f1497c09c1eb1400d09ba0d01bdec48faa61e186cf8254b9e6d2807da04447:922c64590222798bb761d5b6d8e72950