Is CVE-2024-47189 actively exploited?

CVE-2024-47189 has no public evidence of in-the-wild exploitation as of 2025-07-07.

What is the CVSS score for CVE-2024-47189?

CVE-2024-47189 has a CVSS score of 7.7 (HIGH severity). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H.

How do I patch CVE-2024-47189?

Patch guidance is available from mitel security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2024-47189.

Fix CVE-2024-47189 - HIGH mitel micollab

Description

The API Interface of the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct SQL injection due to insufficient sanitization of user input. A successful exploit could allow an attacker with knowledge of specific details to access non-sensitive user provisioning information and execute arbitrary SQL database commands.

CVSS Metrics

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
Attack Vector: network
Complexity: high
Privileges: none
User Action: none
Scope: unchanged
Confidentiality: low
Integrity: high
Availability: high
Weaknesses: CWE-89 · SQL Injection

Metadata

Primary Vendor: MITEL
Published: 10/21/2024
Last Modified: 7/7/2025
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

mitel : micollab

Remediation Guidance

Executive Summary

View on NIST NVD