CVE-2021-32068

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions prior to 9.3

Description: The issue allows an attacker to perform a Man-In-the-Middle attack by sending multiple session renegotiation requests, due to insufficient TLS session controls. A successful exploit could allow an attacker to modify application data and state.

Recommendations: For versions prior to 9.3, update to version 9.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the AWV and MiCollab Client Service components to minimize the risk of exploitation.