PT-2023-26871 · Mitel · Mitel Mivoice Connect

Jahmil Williams

Publicado

2023-08-25

Atualizado

2024-10-02

CVE-2023-39289

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Mitel MiVoice Connect versions through 9.6.2208.101

Description A vulnerability in the Connect Mobility Router component could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information.

Recommendations For versions through 9.6.2208.101, update to a version later than 9.6.2208.101 to resolve the issue. As a temporary workaround, consider restricting access to the Connect Mobility Router component until a patch is available.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2023-39289

Produtos afetados

Mitel Mivoice Connect

PT-2023-26871 · Mitel · Mitel Mivoice Connect

CVE-2023-39289

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12