Advisory ID: 20-0003
First Issue Date: 2020-03-02
Last Updated: 2020-03-02
A vulnerability in the Software Development Kit of the Mitel MiContact Center Business with Site Based Security could allow an authenticated user access to sensitive information. A successful exploit could allow unauthorized access to user conversations.
Mitel is recommending that customers with affected product versions, update to release 22.214.171.124 and apply hotfix 496276.
Security Bulletins are being issued for the following products:
|Product Name||Product Versions||Fixed Product Version||Last Updated|
|MiContact Center Business||Versions with Site-Based Security - Release 8.0 and higher||20-0003-01||2020-03-02|
The risk from this vulnerability is constrained to systems configured for site-based security and is rated as Low. Refer to the product Security Bulletins for additional statements regarding risk.
Mitel has issued a new hotfix, 496276, to be applied to the 126.96.36.199 releases of the affected software. Customers are advised to update their software to 188.8.131.52 and apply the hotfix.
Customers are advised to review the product Security Bulletin. For additional information, contact Product Support.