Mitel Product Security Advisory 24-0017
Mitel Product Security Advisory 24-0017
MiVoice MX-ONE Authentication Bypass Vulnerability
Advisory ID: 24-0017
Publish Date: 2024-05-29
Last Updated: 2024-05-31
Revision: 2.0
Summary
An authentication bypass vulnerability has been identified in the Provisioning Manager component of Mitel MiVoice MX-ONE which, if successfully exploited, could allow a malicious actor to bypass the authorization schema.
Mitel is recommending customers with affected product versions update to the latest release.
Affected Products
Security Bulletins are being issued for the following products:
Product Name | Product Version | Security Bulletin | Last Updated |
---|---|---|---|
MiVoice MX-ONE | 7.6 SP1 and earlier | 24-0017-001 | 2024-05-31 |
Risk Assessment
The risk of this vulnerability is rated as High. Refer to the product Security Bulletin(s) for additional statements regarding risk.
Mitigation / Recommended Action
Mitel has issued new releases of the affected software. Customers are advised to update their software to the latest versions.
For additional information, contact Product Support.
Related CVEs / CWEs / Advisories
CVE-2024-36446
Revision History
Version | Date | Description |
---|---|---|
1.0 | 2024-05-29 | Initial version |
2.0 | 2024-05-31 | Updated the Security Bulletin |