Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-36446

The provisioning manager component of Mitel MiVoice MX-ONE through 7.6 SP1 could allow an authenticated attacker to conduct an authentication bypass attack due to improper access control. A successful exploit could allow an attacker to bypass the authorization schema.

Published

2024-08-13T17:15:23.403

Last Modified

2025-03-25T17:15:57.010

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	mitel	mivoice_mx-one	< 7.6	Yes
Application	mitel	mivoice_mx-one	7.6	Yes
Application	mitel	mivoice_mx-one	7.6	Yes

References

https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0017 Vendor Advisory ([email protected])