PT-2023-23339 · Mitel · Mitel Mivoice Connect

Jahmil Williams

Publicado

2023-05-20

Atualizado

2023-06-01

CVE-2023-31457

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and earlier

Description A vulnerability in the Headquarters server component could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.

Recommendations For versions 19.3 SP2 (22.24.1500.0) and earlier, update to a version later than 19.3 SP2 (22.24.1500.0) to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-31457

Produtos afetados

Mitel Mivoice Connect

PT-2023-23339 · Mitel · Mitel Mivoice Connect

CVE-2023-31457

Identificadores relacionados

Produtos afetados

Referências · 5