virus logo FortiClient Vulnerability

Security Vulnerabilities fixed in MiVoice Connect ADVISORY: 20-0004

description-logoDescription

A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow an unauthenticated attacker to gain access to user credentials. A successful exploit could allow an attacker to access the system with compromised user credentials. And a remote code execution vulnerability in the UCB component of MiVoice Connect before 19.1 SP1 could allow an unauthenticated remote attacker to execute arbitrary code due to insufficient validation of URL parameters. A successful exploit could allow an attacker to gain access to sensitive information.

affected-products-logoAffected Applications

MiVoice Connect
MiVoice Connect Client

CVE References

CVE-2020-10377 CVE-2020-10211

Other References

https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0004
ID 2314
Created Aug 11, 2021
Description
Updated		 Nov 08, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Mitel Networks
Patch manual
Application MiVoice Connect , MiVoice Connect Client