CVE-2023-39291
First published: Fri Aug 25 2023(Updated: )
A vulnerability in the Connect Mobility Router component of MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system information.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitel MiVoice Connect | <=9.6.2304.102 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-39291?
CVE-2023-39291 is a vulnerability in the Connect Mobility Router component of MiVoice Connect through 9.6.2304.102 that could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration.
How severe is CVE-2023-39291?
CVE-2023-39291 has a severity rating of 4.9, which is classified as medium.
Which software versions are affected by CVE-2023-39291?
MiVoice Connect versions up to and including 9.6.2304.102 are affected by CVE-2023-39291.
What is the impact of CVE-2023-39291?
A successful exploit of CVE-2023-39291 could allow an attacker to view system information.
How can I mitigate the risk of CVE-2023-39291?
To mitigate the risk of CVE-2023-39291, it is recommended to apply the necessary updates or patches provided by Mitel.
- collector/nvd-api
- collector/nvd-index
- agent/type
- agent/references
- agent/author
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/mitel
- canonical/mitel mivoice connect
- version/mitel mivoice connect/9.6.2304.102