Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-32748

The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.

Published

2023-08-14T18:15:10.867

Last Modified

2024-11-21T08:03:57.910

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Primary
CWE-863

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	mitel	mivoice_connect	≤ 22.24.1500.0	Yes

References

https://www.mitel.com/support/security-advisories Vendor Advisory ([email protected])
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0004 Vendor Advisory ([email protected])
https://www.mitel.com/support/security-advisories Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0004 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)