CVE-2023-32748
First published: Mon Aug 14 2023(Updated: )
The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitel MiVoice Connect | <=22.24.1500.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-32748?
CVE-2023-32748 is a vulnerability in the Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) that could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.
How severe is CVE-2023-32748?
CVE-2023-32748 has a severity level of critical, with a severity value of 9.8.
Which software is affected by CVE-2023-32748?
Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) is affected by CVE-2023-32748.
How can an attacker exploit CVE-2023-32748?
An attacker with internal network access can exploit CVE-2023-32748 by executing arbitrary scripts due to improper access control.
Is there a fix for CVE-2023-32748?
Yes, refer to the official security advisories from Mitel for information on how to fix CVE-2023-32748.
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/author
- agent/type
- agent/softwarecombine
- agent/severity
- agent/weakness
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- vendor/mitel
- canonical/mitel mivoice connect
- version/mitel mivoice connect/22.24.1500.0