CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39287

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit could allow an attacker to access network information and to generate excessive network traffic.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 36.0%

CVSS Severity

CVSS v3 Score 5.5

References

Products affected by CVE-2023-39287

Mitel » Mivoice Connect » Version: N/A

cpe:2.3:a:mitel:mivoice_connect:-
Mitel » Mivoice Connect » Version: 19.1

cpe:2.3:a:mitel:mivoice_connect:19.1
Mitel » Mivoice Connect » Version: 19.3

cpe:2.3:a:mitel:mivoice_connect:19.3
Mitel » Mivoice Connect » Version: 21.84.5535.0

cpe:2.3:a:mitel:mivoice_connect:21.84.5535.0
Mitel » Mivoice Connect » Version: 21.90.9743.0

cpe:2.3:a:mitel:mivoice_connect:21.90.9743.0
Mitel » Mivoice Connect » Version: 22.20.2300.0

cpe:2.3:a:mitel:mivoice_connect:22.20.2300.0
Mitel » Mivoice Connect » Version: 22.24.1500.0

cpe:2.3:a:mitel:mivoice_connect:22.24.1500.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39287

Products

Pricing

Contact Us