CVE-2024-31967

2024-05-0216:15:08

[email protected]

web.nvd.nist.gov

mitel

sip phones

conference unit

vulnerability

unauthorized access

improper access control

cve-2024-31967

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an unauthenticated attacker to conduct an unauthorized access attack due to improper access control. A successful exploit could allow an attacker to gain unauthorized access to user information or the system configuration.

References

www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0010