Lucene search
MitreCVE-2023-39293HistoryAug 14, 2023 - 7:15 p.m.
CVE-2023-39293
2023-08-1419:15:13
CWE-77
mitre
web.nvd.nist.gov
21
cve-2023-39293
command injection
mivoice
office 400
smb controller
security vulnerability
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.001
Percentile
42.0%
A Command Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to execute arbitrary commands within the context of the system.
Affected configurations
Node
mitelmivoice_office_400Range≤7.0.9281
ORmitelmivoice_office_400_smb_controller_firmwareRange≤1.2.5.23
mitelmivoice_office_400_smb_controllerMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mitel | mivoice_office_400 | * | cpe:2.3:a:mitel:mivoice_office_400:*:*:*:*:*:*:*:* |
| mitel | mivoice_office_400_smb_controller_firmware | * | cpe:2.3:o:mitel:mivoice_office_400_smb_controller_firmware:*:*:*:*:*:*:*:* |
| mitel | mivoice_office_400_smb_controller | - | cpe:2.3:h:mitel:mivoice_office_400_smb_controller:-:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2023-39293
2023-08-14 19:15:13
prion
prion
Command injection
2023-08-14 19:15:00
cvelist
cvelist
CVE-2023-39293
2023-08-14 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.001
Percentile
42.0%
Related for CVE-2023-39293