First published: Wed Mar 09 2022(Updated: )
A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mitel MiCollab | <9.4 | |
Mitel MiCollab | =9.4 | |
Mitel MiCollab | =9.4-sp1 | |
Mitel Mivoice Business Express | <=8.1 | |
Mitel MiCollab, MiVoice Business Express | ||
<9.4 | ||
=9.4 | ||
=9.4-sp1 | ||
<=8.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this MiCollab and MiVoice Business Express vulnerability is CVE-2022-26143.
CVE-2022-26143 has a severity level of 9.8, which is considered critical.
The affected software for CVE-2022-26143 includes Mitel MiCollab versions up to 9.4 SP1 FP1 and MiVoice Business Express versions up to 8.1.
Remote attackers can exploit CVE-2022-26143 to obtain sensitive information and cause a denial of service, resulting in performance degradation and excessive outbound traffic.
Yes, there are public references available for CVE-2022-26143, including articles on Ars Technica, Cloudflare, and Hacker News.