exploitDog

CVE-2025-67822

Опубликовано: 15 янв. 2026

Источник: nvd

CVSS3: 9.4

EPSS Низкий

Описание

A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 (7.3.0.0.50) through 7.8 SP1 (7.8.1.0.14) could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker to gain unauthorized access to user or admin accounts in the system.

Ссылки

https://www.mitel.com/support/security-advisories
Vendor Advisory
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0009
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mitel:mivoice_mx-one:*:*:*:*:*:*:*:*

Версия от 7.3 (включая) до 7.8 (исключая)

cpe:2.3:a:mitel:mivoice_mx-one:7.8:-:*:*:*:*:*:*

cpe:2.3:a:mitel:mivoice_mx-one:7.8:sp1:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00218

Низкий

9.4 Critical

CVSS3

Дефекты

CWE-287

Связанные уязвимости

GHSA-86mm-wwrr-f4h4

CVSS3: 9.4

github

22 дня назад

A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 (7.3.0.0.50) through 7.8 SP1 (7.8.1.0.14) could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker to gain unauthorized access to user or admin accounts in the system.

EPSS

Процентиль: 44%

0.00218

Низкий

9.4 Critical

CVSS3

Дефекты

CWE-287