Sensitive Information Exposure in MiContact Center Business by Mitel
CVE-2020-9379

6.5MEDIUM

Key Information:

Vendor
Mitel
Status
Micontact Center Business
Vendor
CVE Published:
25 February 2020

Summary

The Software Development Kit for MiContact Center Business versions 8.0 through 9.0.1.0 (prior to KB496276) is vulnerable to exposure of sensitive information. An authenticated user could exploit this vulnerability to gain unauthorized access to user conversations, potentially compromising private communications. The flaw calls for immediate attention, and updating to the recommended version is critical to mitigate risks.

References

https://www.mitel.com/support/security-advisories
x_refsource_MISC
https://www.mitel.com/support/security-advisories/mitel-p...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2020-9379 : Sensitive Information Exposure in MiContact Center Business by Mitel | SecurityVulnerability.io