CVE-2023-39290

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Aug 25, 2023

Updated: Aug 31, 2023

Summary

CVE-2023-39290 is a vulnerability affecting the Edge Gateway component of Mitel MiVoice Connect up to R19.3 SP3 (22.24.5800.0). This issue permits authenticated attackers with elevated privileges to carry out information disclosure attacks, potentially granting them access to sensitive system information. This vulnerability arises due to an improper configuration in the Edge Gateway component, making it crucial for organizations using this software to apply the necessary patches promptly to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mitel Mivoice Connect

Affected Vendors

Mitel Networks

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sIWhSE
https://www.cve.org/CVERecord?id=CVE-2023-39290
https://nvd.nist.gov/vuln/detail/CVE-2023-39290

Back to Vulnerability Database