CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-39286

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an unauthenticated attacker to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. A successful exploit could allow an attacker to provide a modified URL, potentially enabling them to modify system configuration settings.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.4%

CVSS Severity

CVSS v3 Score 4.3

References

https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0015
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0015

Products affected by CVE-2023-39286

Mitel » Connect Mobility Router » Version: N/A

cpe:2.3:a:mitel:connect_mobility_router:-
Mitel » Connect Mobility Router » Version: 9.6.2307.103

cpe:2.3:a:mitel:connect_mobility_router:9.6.2307.103

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39286

Products

Pricing

Contact Us