HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2020-13617

CVSS 7.5v3.1pub. 2020-08-26upd. 2024-11-21

The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Mitel 6863

    HW
    Mitel
    wszystkie wersje
  • Mitel 6863 Firmware

    OS
    Mitel
    5.1≤ 5.0
  • Mitel 6865

    HW
    Mitel
    wszystkie wersje
  • Mitel 6865 Firmware

    OS
    Mitel
    5.1≤ 5.0
  • Mitel 6867

    HW
    Mitel
    wszystkie wersje
  • Mitel 6867 Firmware

    OS
    Mitel
    5.1≤ 5.0
  • Mitel 6869

    HW
    Mitel
    wszystkie wersje
  • Mitel 6869 Firmware

    OS
    Mitel
    5.1≤ 5.0
  • Mitel 6873

    HW
    Mitel
    wszystkie wersje
  • Mitel 6873 Firmware

    OS
    Mitel
    5.1≤ 5.0
  • Mitel 6905

    HW
    Mitel
    wszystkie wersje
  • Mitel 6905 Firmware

    OS
    Mitel
    5.1≤ 5.0
  • Mitel 6910

    HW
    Mitel
    wszystkie wersje
  • Mitel 6910 Firmware

    OS
    Mitel
    5.1≤ 5.0
  • Mitel 6920

    HW
    Mitel
    wszystkie wersje
  • Mitel 6920 Firmware

    OS
    Mitel
    5.1≤ 5.0
  • Mitel 6930

    HW
    Mitel
    wszystkie wersje
  • Mitel 6930 Firmware

    OS
    Mitel
    5.1≤ 5.0
  • Mitel 6940

    HW
    Mitel
    wszystkie wersje
  • Mitel 6940 Firmware

    OS
    Mitel
    5.1≤ 5.0
  • Mitel 6970

    HW
    Mitel
    wszystkie wersje
  • Mitel 6970 Firmware

    OS
    Mitel
    5.1≤ 5.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2024-41710HIGH7.2⚠ KEVten sam produkt

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Confere...

CVE-2024-28066HIGH8.8ten sam produkt

In Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are used (a hardcoded root password).

CVE-2022-29854MEDIUM6.8ten sam produkt

A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and earlier, co...

CVE-2019-18863MEDIUM5.9ten sam produkt

A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900 SIP series pho...

CVE-2024-41713CRITICAL9.1⚠ KEVPL ✓ten sam vendor

Path Traversal w Mitel MiCollab — nieautoryzowany dostęp do danych