Описание
A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow an unauthenticated attacker to gain access to user credentials. A successful exploit could allow an attacker to access the system with compromised user credentials.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 214.100.1213.0 (включая)
cpe:2.3:a:mitel:mivoice_connect_client:*:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00109
Низкий
9.8 Critical
CVSS3
5 Medium
CVSS2
Дефекты
CWE-327
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow an unauthenticated attacker to gain access to user credentials. A successful exploit could allow an attacker to access the system with compromised user credentials.
EPSS
Процентиль: 30%
0.00109
Низкий
9.8 Critical
CVSS3
5 Medium
CVSS2
Дефекты
CWE-327