From 7022b42d243de380aa9fa40c9a03b590be4a5f10 Mon Sep 17 00:00:00 2001 From: Alwin Warringa Date: Fri, 6 Dec 2024 09:07:40 +0100 Subject: [PATCH 1/2] Create DIVD-2024-00050.md Eerste versie van casefile --- _cases/2024/DIVD-2024-00050.md | 50 ++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 _cases/2024/DIVD-2024-00050.md diff --git a/_cases/2024/DIVD-2024-00050.md b/_cases/2024/DIVD-2024-00050.md new file mode 100644 index 00000000..076310bb --- /dev/null +++ b/_cases/2024/DIVD-2024-00050.md @@ -0,0 +1,50 @@ +--- +layout: case +title: "Path traversal vulnerabilty in Mitel MiCollab" +author: Alwin Warringa +lead: Alwin Warringa +excerpt: "A path traversal vulnerability, CVE-2024-41713, in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation" +researchers: +- Alwin Warringa +- Stan Plasmeijer +- Koen Schagen +cves: +- CVE-2024-41713 +product: +-Mitel MiCollab +versions: +-9.8 SP1 FP2 (9.8.1.201) and earlier +recommendation: "Upgrade to MiCollab 9.8 SP2 (9.8.2.12) or later" +workaround: "none" +patch_status: Patch available +status : Open +start: 2024-12-05 +timeline: +- start: 2024-12-05 + end: + event: "DIVD starts researching the vulnerability." +- start: 2024-12-06 + end: + event: "DIVD finds fingerprint, preparing to scan." +- start: 2024-12-06 + end: + event: "Case opened and starting first scan." +--- + +## Summary +A path traversal vulnerability, {% cve CVE-2024-41713 %}, in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation. A successful exploit of this vulnerability could allow an attacker to gain unauthorized access, with potential impacts to the confidentiality, integrity, and availability of the system. This vulnerability is exploitable without authentication. If the vulnerability is successfully exploited, an attacker could gain unauthenticated access to provisioning information including non-sensitive user and network information and perform unauthorized administrative actions on the MiCollab Server. + +## Recommendations + +To remediate {% cve CVE-2024-41713 %}, upgrade to MiCollab 9.8 SP2 (9.8.2.12) or later. You can find a link to the Mitel bulletin at the bottom of this post. + +## What we are doing + +DIVD is currently working to identify parties that are running a vulnerable version of Mitel MiCollab and to notify these parties. + +{% include timeline.html %} + +## More information + +* {% cve CVE-2024-41713 %} +* [Mitel MiCollab Security Bulletin](https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029) From 7a1b7d3d7fa7acecb89620f008ebc42bca783efb Mon Sep 17 00:00:00 2001 From: Alwin Warringa Date: Fri, 6 Dec 2024 09:10:31 +0100 Subject: [PATCH 2/2] Update DIVD-2024-00050.md Typo --- _cases/2024/DIVD-2024-00050.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/_cases/2024/DIVD-2024-00050.md b/_cases/2024/DIVD-2024-00050.md index 076310bb..3cc2c55b 100644 --- a/_cases/2024/DIVD-2024-00050.md +++ b/_cases/2024/DIVD-2024-00050.md @@ -11,9 +11,9 @@ researchers: cves: - CVE-2024-41713 product: --Mitel MiCollab +- Mitel MiCollab versions: --9.8 SP1 FP2 (9.8.1.201) and earlier +- 9.8 SP1 FP2 (9.8.1.201) and earlier recommendation: "Upgrade to MiCollab 9.8 SP2 (9.8.2.12) or later" workaround: "none" patch_status: Patch available