PT-2024-29999 · Mitel · Mitel MiContact Center Business
Published: 2024-10-01 · Updated: 2025-05-30 · CVE-2024-42514
CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Mitel MiContact Center Business versions through 10.1.0.4
Description
A vulnerability in the legacy chat component could allow an unauthenticated attacker to conduct an unauthorized access attack due to inadequate access control checks. A successful exploit requires user interaction and could allow an attacker to access sensitive information and send unauthorized messages during an active chat session.
Recommendations
To prevent unauthorized access and messaging on versions through 10.1.0.4, consider disabling the legacy chat component until a patch is available. Restrict access to sensitive information and monitor chat sessions for suspicious activity.
Fix
Improper Access Control
Weakness Enumeration
Related Identifiers
Affected Products
Mitel MiContact Center Business