2 matches found
CVE-2023-22854
The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive information...
CVE-2023-22854
The CVE-2023-22854 entry concerns Mitel MiContact Center Business server, specifically the ccmweb component, version range 9.2.2.0 to 9.4.1.0. The root cause is insufficient restriction of URL parameters in the ccmweb component, enabling an unauthenticated attacker to download arbitrary files and...