exploitDog

CVE-2023-31457

Опубликовано: 24 мая 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

A vulnerability in the Headquarters server component of Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and earlier could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.

Ссылки

https://www.mitel.com/support/security-advisories
Vendor Advisory
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0004
Vendor Advisory
https://www.mitel.com/support/security-advisories
Vendor Advisory
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0004
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mitel:mivoice_connect:*:*:*:*:*:*:*:*

Версия до 22.24.1500.0 (включая)

EPSS

Процентиль: 66%

0.00519

Низкий

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-p636-9rpj-8948

CVSS3: 9.8

github

больше 2 лет назад

A vulnerability in the Headquarters server component of Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and earlier could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.

EPSS

Процентиль: 66%

0.00519

Низкий

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo