Lucene search
+L

168 matches found

Cvelist
Cvelist
added 2023/08/25 12:0 a.m.37 views

CVE-2023-39287

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 22.24.5800.0 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit...

5.8AI score0.00509EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/08/25 12:0 a.m.16 views

CVE-2023-39290

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 22.24.5800.0 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view syst...

6.3AI score0.0046EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/25 12:0 a.m.6 views

Mitel MiVoice Connect 安全漏洞

Mitel MiVoice Connect is Mitel Canada's software for centralized management of Mitel Networks' call processing and collaboration tools. A security vulnerability exists in Mitel MiVoice Connect that originates in the Edge Gateway component from an information disclosure issue...

4.9CVSS5.3AI score0.0046EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/08/25 12:0 a.m.7 views

PT-2023-26872 · Mitel · Mitel Mivoice Connect

Name of the Vulnerable Software and Affected Versions: Mitel MiVoice Connect versions through R19.3 SP3 22.24.5800.0 Description: A vulnerability in the Edge Gateway component could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to imprope...

4.9CVSS4.8AI score0.0046EPSS
Exploits0References9
CVE
CVE
added 2023/08/25 12:0 a.m.43 views

CVE-2023-39290

The CVE-2023-39290 entry involves Mitel MiVoice Connect, specifically the Edge Gateway component. A vulnerability could allow an authenticated user with elevated privileges to perform an information disclosure due to improper configuration, with the impact being visibility of system information. ...

4.9CVSS4.8AI score0.0046EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/14 12:0 a.m.5 views

PT-2023-9249 · Dell · Dell Edge Gateway Bios

Name of the Vulnerable Software and Affected Versions: Dell Edge Gateway BIOS versions 3200 and 5200 Description: The issue is related to an out-of-bounds write vulnerability in the System Management Mode SMM of the BIOS firmware. This could be exploited by a local authenticated malicious user wi...

8.2CVSS8AI score0.00168EPSS
Exploits0References8
CISA
CISA
added 2023/06/13 12:0 p.m.8 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on June 13, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-164-01 Datalogics Library Third-Party ICSA-23-164-02 Rockwell Automation FactoryTalk...

7AI score
Exploits0References4
ICS
ICS
added 2023/06/13 6:0 a.m.34 views

Rockwell Automation FactoryTalk Edge Gateway

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Edge Gateway Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local user to cause the program to crash, causing a...

7.1CVSS7.5AI score0.01185EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2023/05/29 12:0 a.m.5 views

The vulnerability of the Edge Gateway component of the MiVoice Connect business telephone system’s VoIP devices allows a perpetrator to make arbitrary changes to the configuration and execute arbitrary commands.

The vulnerability of the Edge Gateway component in the MiVoice Connect business telephone system’s VoIP devices relates to the absence of a mandatory password change during initial installation. Exploiting this vulnerability allows an attacker to make arbitrary changes to the configuration and...

10CVSS8AI score0.00922EPSS
Exploits0References4
NVD
NVD
added 2023/05/24 9:15 p.m.17 views

CVE-2023-31458

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect versions 19.3 SP2 22.24.1500.0 and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial installation does not enforce a password change. A...

9.8CVSS9.7AI score0.00922EPSS
Exploits0References2
OSV
OSV
added 2023/05/24 9:15 p.m.6 views

CVE-2023-31458

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect versions 19.3 SP2 22.24.1500.0 and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial installation does not enforce a password change. A...

9.8CVSS7.5AI score0.00922EPSS
Exploits0References2
Prion
Prion
added 2023/05/24 9:15 p.m.16 views

Command injection

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect versions 19.3 SP2 22.24.1500.0 and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial installation does not enforce a password change. A...

7.5CVSS9.6AI score0.00922EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/05/24 12:0 a.m.34 views

CVE-2023-31458

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect versions 19.3 SP2 22.24.1500.0 and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial installation does not enforce a password change. A...

9.8AI score0.00922EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/24 12:0 a.m.8 views

CVE-2023-31458

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect versions 19.3 SP2 22.24.1500.0 and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial installation does not enforce a password change. A...

9.7AI score0.00922EPSS
Exploits0References2
CVE
CVE
added 2023/05/24 12:0 a.m.68 views

CVE-2023-31458

Summary of CVE-2023-31458 (Mitel MiVoice Connect Edge Gateway) : The Edge Gateway component in MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and earlier allows an unauthenticated attacker with internal network access to authenticate with administrative privileges because the initial installati...

9.8CVSS9.5AI score0.00922EPSS
Exploits0References2Affected Software1
NCSC
NCSC
added 2023/05/19 12:0 a.m.6 views

Vulnerabilities fixed in Mitel MiVoice Connect

Mitel has fixed vulnerabilities in several components of MiVoice Connect, such as Mobility router, Edge Gateway, HQ and DVS. A malicious party can exploit the vulnerabilities to execute arbitrary code within the context of the application. To execute code as an administrator, the malicious party...

9.8CVSS7.6AI score0.01714EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/05/17 12:0 a.m.17 views

PT-2023-2914 · Mitel · Mitel Mivoice Connect

Name of the Vulnerable Software and Affected Versions: Mitel MiVoice Connect versions 19.3 SP2 22.24.1500.0 and earlier Description: A vulnerability in the Edge Gateway component could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges,...

10CVSS9.7AI score0.00922EPSS
Exploits0References6
OSV
OSV
added 2023/03/03 10:15 p.m.3 views

CVE-2023-26213

On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/updatecertificate - a crafted HTTP request allows an authenticated attacker to execute arbitrary commands. For example, a name field can contain...

7.2CVSS6AI score0.07878EPSS
Exploits3References4
Prion
Prion
added 2023/03/03 10:15 p.m.11 views

Command injection

On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/updatecertificate - a crafted HTTP request allows an authenticated attacker to execute arbitrary commands. For example, a name field can contain...

5.8CVSS7.3AI score0.07878EPSS
Exploits3References4Affected Software7
CNNVD
CNNVD
added 2023/03/03 12:0 a.m.5 views

Barracuda CloudGen WAN 操作系统命令注入漏洞

Barracuda Networks Barracuda CloudGen WAN is Barracuda Networks' tool for easily connecting all your locations to the Microsoft Global Network via Azure Virtual WAN. A security vulnerability exists in versions prior to Barracuda CloudGen WAN Private Edge Gateway devices 8...

7.2CVSS7.5AI score0.07878EPSS
Exploits3References6
Rows per page
Query Builder