A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900 SIP series phones, versions 5.1.0.2051 SP2 and earlier, could allow an attacker to launch a man-in-the-middle attack when SRTP is used in a call. A successful exploit may allow the attacker to intercept sensitive information.
References
Link | Resource |
---|---|
https://www.mitel.com/support/security-advisories | Vendor Advisory |
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-19-0006 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-03-02T17:52:37
Updated: 2020-03-02T17:52:37
Reserved: 2019-11-11T00:00:00
Link: CVE-2019-18863
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-03-02T18:15:10.667
Modified: 2021-07-21T11:39:23.747
Link: CVE-2019-18863
JSON object: View
Redhat Information
No data.
CWE