SECURITY ADVISORIES

Mitel Product Security Advisories are published for moderate and high-risk security issues. Each advisory provides information on the status of investigation and provides additional information on products confirmed to be affected and recommended action to be taken by customers. Advisories are posted in reverse chronological order.

This information is provided on an "as is" basis and does not grant or imply any guarantees or warranties, including the warranties of merchantability or fitness for a particular use. Mitel does not guarantee that any of the information is accurate or up to date. By using the information, you acknowledge and agree that your use of the information, or the documents or materials linked to this information, is at your own risk. In addition, Mitel’s provision of this information shall not and does not affect the terms or conditions of any agreement with Mitel. Mitel reserves the right to change or update this information without notice at any time.

Click here for a more comprehensive details on Mitel’s Product Security Policy ›

Stay one step ahead.

Get notifications of the latest security advisories delivered straight to your inbox!

Sign-up
Advisory ID CVE# Severity Publish Date Last Updated
Security Advisory Report - OBSO-1905-01 OBSO-1905-01 CVE-2019-0232 high
Security Advisory Report - OBSO-1905-02 OBSO-1905-02 CVE-2019-0708 high
Security Advisory Report - OBSO-1904-01 OBSO-1904-01 medium
InAttend and CMG Suite Password vulnerability 19-0002 CVE-2018-19275 critical
Security Advisory for Mitel CMG Suite SQL Injection Vulnerability 19-0003 CVE-2018-18285, CVE-2018-18286 medium
Mitel MiVoice 6800 and 6900 SIP series phones weak authentication vulnerability 19-0001 medium
Security Advisory Report - OBSO-1903-01 OBSO-1903-01 medium
Security Advisory Report - Security Advisory Report - OBSO-1810-01 OBSO-1810-01 low
Security Advisory Report - OBSO-1812-01 OBSO-1812-01 low
Apache Struts 2 Remote Code Execution Vulnerability 18-0010 CVE-2018-11776 high
MiCollab SQL Injection and Stored XSS vulnerabilities 18-0011 high
MiCollab Authorization Vulnerability 18-0012 CVE-2018-18819 medium
Security Advisory Report - OBSO-1806-03 OBSO-1806-03 CVE-2018-8009, CVE-2018-8009 medium
Security Advisory Report - OBSO-1703-02 OBSO-1703-02 CVE-2018-11776, CVE 2017-5638 info
MiVoice 5300 IP Series Phone Denial of Service Vulnerability 18-0009 CVE-2018-1549 critical
ST 14.2 Reflected XSS Vulnerability 18-0007 CVE-2018-12901 medium
MiVoice Office 400 Reflected XSS Vulnerability 18-0008 CVE-2018-16226 medium
Security Advisory Report - OBSO-1808-01 OBSO-1808-01 low
Security Advisory Report - OBSO-1807-01 OBSO-1807-01 high
Side-Channel Analysis Vulnerabilities 18-0001 CVE-2017-5715, CVE-2017-5753, CVE-2017-5754 medium
Security Advisory Report - OBSO-1806-02 OBSO-1806-02 CVE-2018-100000, CVE-2018-100011 medium
Side-Channel Analysis, Spectre Variant 4 and 3a 18-0006 CVE-2018-3640, CVE-2018-3640 medium
Security Advisory Report - OBSO-1806-01 OBSO-1806-01 CVE-2018-100013 medium
Security Advisory Report - OBSO-1611-01 OBSO-1611-01 CVE-2016-5195 high
Security Advisory Report - OBSO-1805-01 OBSO-1805-01 CVE-2018-1270, CVE-2018-1275 high
Security Advisory Report - OBSO-1512-02 OBSO-1512-02 CVE-2015-3194 medium
Connect OnSite and ST 14.2 Multiple PHP Vulnerabilities 18-0004 CVE-2018-5779, CVE-2018-5780, CVE-2018-5781, CVE-2018-5782, CVE-2017-16250, CVE-2017-16251 high
Mitel for Salesforce XSS Vulnerability 18-0005 high
Security Advisory Report - OBSO-1711-01 OBSO-1711-01 CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088 medium
XML External Entity (XXE) Vulnerability in MiCollab AWV 18-0002 CWE-918 high
Stay one step ahead

Get notifications of the latest security advisories sent right to your inbox!