Vulnerability Description
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit could allow an attacker to access network information and to generate excessive network traffic.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mitel | Mivoice Connect | <= 9.6.2304.102 |
Related Weaknesses (CWE)
References
- https://www.mitel.com/support/security-advisoriesVendor Advisory
- https://www.mitel.com/support/security-advisories/mitel-product-security-advisorVendor Advisory
- https://www.mitel.com/support/security-advisoriesVendor Advisory
- https://www.mitel.com/support/security-advisories/mitel-product-security-advisorVendor Advisory
FAQ
What is CVE-2023-39288?
CVE-2023-39288 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges and internal network access to con...
How severe is CVE-2023-39288?
CVE-2023-39288 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-39288?
Check the references section above for vendor advisories and patch information. Affected products include: Mitel Mivoice Connect.