Lucene search

[email protected]CVE-2022-26143

HistoryMar 10, 2022 - 5:47 p.m.

CVE-2022-26143

2022-03-1017:47:32

CWE-306

[email protected]

web.nvd.nist.gov

922

In Wild

mitel

micollab

tp-240

cve-2022-26143

security vulnerability

ddos攻击

information disclosure

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:P/A:C

0.059 Low

EPSS

Percentile

93.5%

JSON

The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack.

Affected configurations

NVD

Node

mitelmicollabRange<9.4-

mitelmicollabMatch9.4--

mitelmicollabMatch9.4sp1-

mitelmivoice_business_expressRange≤8.1

CPENameOperatorVersion
mitel:micollabmitel micollablt9.4
mitel:mivoice_business_expressmitel mivoice business expressle8.1

CPE	Name	Operator	Version
mitel:micollab	mitel micollab	lt	9.4
mitel:mivoice_business_express	mitel mivoice business express	le	8.1

References

arstechnica.com/information-technology/2022/03/ddosers-use-new-method-capable-of-amplifying-traffic-by-a-factor-of-4-billion/

blog.cloudflare.com/cve-2022-26143/

news.ycombinator.com/item?id=30614073

team-cymru.com/blog/2022/03/08/record-breaking-ddos-potential-discovered-cve-2022-26143/

www.akamai.com/blog/security/phone-home-ddos-attack-vector

www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-22-0001

www.shadowserver.org/news/cve-2022-26143-tp240phonehome-reflection-amplification-ddos-attack-vector/

Social References

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:P/A:C

0.059 Low

EPSS

Percentile

93.5%

JSON

Related for CVE-2022-26143

cisa_kev1 nvd2 attackerkb2 akamaiblog1 thn1 prion1 cvelist1 cve1