A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to access sensitive information and potentially conduct unauthorized actions within the vulnerable component.
References
Link | Resource |
---|---|
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0001 | Vendor Advisory |
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0001 | Vendor Advisory |
Configurations
History
02 Jun 2025, 14:19
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mitel
Mitel micontact Center Business |
|
CPE | cpe:2.3:a:mitel:micontact_center_business:*:*:*:*:*:*:*:* | |
References | () https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0001 - Vendor Advisory |
18 Mar 2025, 14:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
21 Nov 2024, 09:05
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0001 - |
02 Aug 2024, 21:35
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CWE | CWE-922 |
16 Mar 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-16 06:15
Updated : 2025-06-02 14:19
NVD link : CVE-2024-28069
Mitre link : CVE-2024-28069
CVE.ORG link : CVE-2024-28069
JSON object : View
Products Affected
mitel
- micontact_center_business
CWE
CWE-922
Insecure Storage of Sensitive Information