CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39292

A SQL Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to access sensitive information and execute arbitrary database and management operations.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.4%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2023-39292

Mitel » Mivoice Office 400 » Version: N/A

cpe:2.3:a:mitel:mivoice_office_400:-
Mitel » Mivoice Office 400 » Version: 5.0

cpe:2.3:a:mitel:mivoice_office_400:5.0
Mitel » Mivoice Office 400 » Version: 7.0.9281

cpe:2.3:a:mitel:mivoice_office_400:7.0.9281
Mitel » Mivoice Office 400 Smb Controller » Version: N/A

cpe:2.3:h:mitel:mivoice_office_400_smb_controller:-
Mitel » Mivoice Office 400 Smb Controller Firmware » Version: N/A

cpe:2.3:o:mitel:mivoice_office_400_smb_controller_firmware:-
Mitel » Mivoice Office 400 Smb Controller Firmware » Version: 1.2.5.23

cpe:2.3:o:mitel:mivoice_office_400_smb_controller_firmware:1.2.5.23

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39292

Products

Pricing

Contact Us