Inadequate Access Control in Mitel MiContact Center Legacy Chat Component

CVE-2024-42514

Summary

A vulnerability in the legacy chat component of Mitel MiContact Center Business versions up to 10.1.0.4 allows an unauthenticated attacker to exploit the system through insufficient access control checks. This vulnerability potentially enables an attacker to gain unauthorized access during an active chat session, which can result in exposure of sensitive information and the ability to send unauthorized messages. User interaction is required for successful exploitation, emphasizing the need for vigilance among users of the affected versions.

References