CVE-2023-39287

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 25, 2023

Updated: Aug 31, 2023

CWE ID 88

Summary

CVE-2023-39287 is a vulnerability affecting the Edge Gateway component of Mitel MiVoice Connect versions up to 19.3 SP3 (22.24.5800.0). This issue enables authenticated attackers with elevated privileges and internal network access to inject malicious commands due to insufficient parameter sanitization. Successful exploitation of this vulnerability could grant an attacker access to network information and generate excessive network traffic.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mitel Mivoice Connect

Affected Vendors

Mitel Networks

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sIWk77
https://www.cve.org/CVERecord?id=CVE-2023-39287
https://nvd.nist.gov/vuln/detail/CVE-2023-39287

Back to Vulnerability Database