SQL injection vulnerabilities in CMG Suite 8.4 SP2 and previous versions, could allow an unauthenticated malicious user to conduct an SQL injection attack due to insufficient input validation for the changepwd interface. A successful exploit could allow an malicious user to extract sensitive information from the database and execute arbitrary scripts.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mitel cmg suite 8.4 |
||
mitel cmg suite |