CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-22854

The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.0%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2023-22854

Mitel » Micontact Center Business » Version: 9.2.2.0

cpe:2.3:a:mitel:micontact_center_business:9.2.2.0
Mitel » Micontact Center Business » Version: 9.2.3.0

cpe:2.3:a:mitel:micontact_center_business:9.2.3.0
Mitel » Micontact Center Business » Version: 9.3.0.0

cpe:2.3:a:mitel:micontact_center_business:9.3.0.0
Mitel » Micontact Center Business » Version: 9.3.1.0

cpe:2.3:a:mitel:micontact_center_business:9.3.1.0
Mitel » Micontact Center Business » Version: 9.4.0.0

cpe:2.3:a:mitel:micontact_center_business:9.4.0.0
Mitel » Micontact Center Business » Version: 9.4.1.0

cpe:2.3:a:mitel:micontact_center_business:9.4.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-22854

Products

Pricing

Contact Us