Mitel MiCollab AWV Directory Traversal Vulnerability (CVE-2020–11798)

Introduction

Vulnerabilities are a constant problem for organizations in the field of cybersecurity. Recently, Mitel MiCollab Advanced Workgroup (AWV) versions 8.1.2.4 and 9.1.3 have been found to have a critical security flaw, known as CVE-2020–11798. This vulnerability is dangerous because it allows unauthorized access to sensitive files and directories and is classified as Directory Traversal.

1. Vulnerability Overview

1.1 CVE ID

CVE-2020–11798

1.2 Affected Versions

• Mitel MiCollab AWV 8.1.2.4
• Mitel MiCollab AWV 9.1.3

1.3 Vulnerability Type

Directory Traversal

2. Vulnerability Description

Directory traversal is a security flaw in Mitel MiCollab AWV that results from insufficient input validation and allows an attacker to manipulate file paths and access files outside the intended directory structure. It allows an attacker to navigate beyond the web root directory and may lead to unauthorized access, data exposure, and in some cases, remote code execution.

3. Vulnerability Impact

The consequences of this directory traversal vulnerability in Mitel MiCollab AWV are severe.

• Unauthorized access to sensitive files and data.
• Disclosure of confidential information.
• Potential for remote code execution, contingent on the attacker’s skills and system access.
• Risks to data integrity and availability.

4. Steps to Reproduce

The process to exploit this vulnerability involves manipulating the URL to access files outside the web root directory. A sample URL demonstrating the issue is as follows:

https://example.com/awcuser/cgi-bin/vcs_access_file.cgi?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/etc/passwd

By crafting URLs in a similar fashion, an attacker can obtain unauthorized access to critical files.

5. Mitigation and Remediation

Mitel has promptly addressed this security vulnerability and released patches to eliminate the risk. Users and administrators are strongly urged to apply the relevant security updates or hotfixes at the earliest opportunity. The provided patch release document (PFA) outlines the necessary steps to secure Mitel MiCollab AWV installations.

Conclusion

Collaboration between vendors and users is crucial to maintaining the integrity and security of software applications in the ever-evolving cybersecurity landscape. The CVE-2020-11798 directory traversal vulnerability in Mitel MiCollab AWV highlights the significance of proactive security measures. Organizations should prioritize the prompt application of security updates and regularly assess their systems for vulnerabilities.