Schulung
LOGIN PORTAL
Americas
Oceania
Kommunikationssysteme
Zusammenarbeit
Contact Center
Telefone und Zubehör
Anwendungen und Entwickler
Ihr Geschäftsbedarf
Ihre Branche
Ihre Unternehmensgröße
Unsere Services
Unsere Produkte
Kundensupport
Partner Support
Schulung
Kontakt Verkauf
Blog
Über Mitel
Karriere
Kundenreferenzen
Informationscenter
Standort: Deutschland
Advisory ID: 21-0002
Publish Date: 2021-02-10
Last Updated: 2021-02-10
Revision: 1.0
The Software Development Kit in Mitel MiContact Center Business could allow an unauthenticated attacker to access user data without authorization due to improper handling of tokens. Successful exploit could allow an attacker to view and modify user data, potentially impacting confidentiality of user data and integrity of the application.
Mitel is recommending customers with affected product versions, update to the latest release.
Product Name | Product Version | Security Bulletin | Last Updated |
---|---|---|---|
MiContact Center Business |
MiContact Center Business from 8.0.0.0 to 8.1.4.1 MiContact Center Business 9.0.0.0 MiContact Center Business 9.0.1.0 MiContact Center Business 9.0.2.0 MiContact Center Business 9.1.0.0 MiContact Center Business 9.1.1.0 MiContact Center Business 9.1.2.0 MiContact Center Business 9.1.3.0 MiContact Center Business 9.2.0.0 MiContact Center Business 9.2.1.0 MiContact Center Business 9.2.2.0 MiContact Center Business 9.2.3.0 MiContact Center Business 9.3.0.0 MiContact Center Business 9.3.1.0 |
21-0002-001 | 2021-02-10 |
The risk for this vulnerability is rated as High. Refer to the product Security Bulletins for additional statements regarding risk.
Mitel has issued new hotfixes for the affected software versions. Customers are advised to apply the appropriate hotfix. For more information refer to the Product Security Bulletin and review related Knowledge Base article, Mandatory Security Hot Fix for CVE-2021-3352.
Version | Date | Description |
---|---|---|
1.0 | 2021-02-10 | Initial Version |