A vulnerability in the Edge Gateway component of Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial installation does not enforce a password change. A successful exploit could allow an attacker to make arbitrary configuration changes and execute arbitrary commands.
References
Link | Resource |
---|---|
https://www.mitel.com/support/security-advisories | Vendor Advisory |
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0005 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-05-24T00:00:00
Updated: 2023-05-24T00:00:00
Reserved: 2023-04-28T00:00:00
Link: CVE-2023-31458
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-24T21:15:11.520
Modified: 2023-06-01T18:17:49.983
Link: CVE-2023-31458
JSON object: View
Redhat Information
No data.
CWE