Americas
Europe
Oceania
800-722-1301
800-722-1301
800-722-1301
Contact Center
Collaboration
Business Phone Systems
Phones & Accessories
Questions or Comments?
800-722-1301
Your Business Need
Your Industry
Your Business Size
Our Services
Our Products
Customer Support
Customer Education
Partner Support
Contact Sales
Questions or Comments?
800-722-1301
Blog
About Mitel
Careers
Customer Success
Resource Center
Location: Canada (EN)
Advisory ID: 20-0008
Publish Date: 2020-06-25
Last Updated: 2020-06-25
Revision: 1.0
The SAS portal of Mitel MiCollab could allow an attacker to access user data by performing a header injection in HTTP responses due to the improper handling of input parameters. A successful exploit could allow an attacker to access user information
The Mitel MiCollab iOS application could allow an unauthorized user to access restricted files and folders due to insufficient access control. An exploit requires a rooted iOS device, and (if successful) could allow an attacker to gain access to sensitive information
These vulnerabilities were privately reported.
Mitel is recommending customers with affected product versions, update to the latest release.
Security Bulletins are being issued for the following products:
Product Name | Product Version | Security Bulletin | Last Updated |
---|---|---|---|
MiCollab | MiCollab 9.1.2.x and earlier | 20-0008-001 | 2020-06-25 |
MiCollab iOS application | MiCollab iOS version 9.1.313 and earlier | 20-0008-002 | 2020-06-25 |
PRODUCT NAME | PRODUCT VERSION | SECURITY BULLETIN | yyyy-MM-dd |
PRODUCT NAME | PRODUCT VERSION | SECURITY BULLETIN | yyyy-MM-dd |
PRODUCT NAME | PRODUCT VERSION | SECURITY BULLETIN | yyyy-MM-dd |
Mitel has issued new releases of the affected software. Customers are advised to update their software to the latest versions.
Customers are advised to review the product Security Bulletin. For additional information, contact Product Support.
N/A
Version | Date | Description |
---|---|---|
1.0 | 2020-06-25 | Initial version |
VERSION | DATE | DESCRIPTION |
VERSION | DATE | DESCRIPTION |
VERSION | DATE | DESCRIPTION |
VERSION | DATE | DESCRIPTION |