virus logo FortiClient Vulnerability

Security Vulnerabilities fixed in Mitel Connect 19.3 SP1

description-logoDescription

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters. The Director database component of MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated attacker to conduct a code-injection attack via crafted data due to insufficient restrictions on the database data type.

affected-products-logoAffected Applications

Mitel Connect

CVE References

CVE-2022-40765 CVE-2022-41223

Other References

https://www.mitel.com/support/security-advisories
ID 4586
Created Nov 30, 2022
Description
Updated		 Nov 07, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Mitel Networks
Patch manual
Application Mitel Connect