CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-29499

The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.898

EPSS Ranking 99.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

Proposed Action

The Service Appliance component in Mitel MiVoice Connect allows remote code execution due to incorrect data validation.

Ransomware Campaign

Known

References

Products affected by CVE-2022-29499

Mitel » Mivoice Connect » Version: N/A

cpe:2.3:a:mitel:mivoice_connect:-
Mitel » Mivoice Connect » Version: 19.1

cpe:2.3:a:mitel:mivoice_connect:19.1
Mitel » Mivoice Connect » Version: 19.3

cpe:2.3:a:mitel:mivoice_connect:19.3
Mitel » Mivoice Connect » Version: 21.84.5535.0

cpe:2.3:a:mitel:mivoice_connect:21.84.5535.0
Mitel » Mivoice Connect » Version: 21.90.9743.0

cpe:2.3:a:mitel:mivoice_connect:21.90.9743.0
Mitel » Mivoice Connect » Version: 22.20.2300.0

cpe:2.3:a:mitel:mivoice_connect:22.20.2300.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-29499

Products

Pricing

Contact Us