The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.
References
Link | Resource |
---|---|
https://www.mitel.com/support/security-advisories | Vendor Advisory |
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0004 | Vendor Advisory |
https://www.mitel.com/support/security-advisories | Vendor Advisory |
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0004 | Vendor Advisory |
Configurations
History
21 Nov 2024, 08:03
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.mitel.com/support/security-advisories - Vendor Advisory | |
References | () https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0004 - Vendor Advisory |
22 Aug 2023, 15:06
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.mitel.com/support/security-advisories - Vendor Advisory | |
References | (MISC) https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0004 - Vendor Advisory | |
CWE | CWE-863 | |
CPE | cpe:2.3:a:mitel:mivoice_connect:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
14 Aug 2023, 18:59
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-14 18:15
Updated : 2024-11-21 08:03
NVD link : CVE-2023-32748
Mitre link : CVE-2023-32748
CVE.ORG link : CVE-2023-32748
JSON object : View
Products Affected
mitel
- mivoice_connect
CWE
CWE-863
Incorrect Authorization