Mitel ST 14.2 API User Enumeration Vulnerability

Mitel ST 14.2 API User Enumeration Vulnerability

CVE-2017-16250 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

A vulnerability in Mitel ST 14.2, release GA28 and earlier, could allow an attacker to use the API function to enumerate through user-ids which could be used to identify valid user ids and associated user names.

Learn more about our Api Penetration Testing.