CVE-2004-0944

Name of the Vulnerable Software and Affected Versions: Mitel 3300 Integrated Communications Platform (ICP) versions prior to 4.2.2.11

Description: The issue allows remote attackers to hijack other sessions due to easily predictable web session IDs generated by the web management interface. This can be achieved via the parentsessionid cookie.

Recommendations: For versions prior to 4.2.2.11, update to version 4.2.2.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the web management interface to minimize the risk of session hijacking.