SECURITY ADVISORIES

Mitel Product Security Advisories are published for moderate and high-risk security issues. Each advisory provides information on the status of investigation and provides additional information on products confirmed to be affected and recommended action to be taken by customers. Advisories are posted in reverse chronological order.

For Unify product portfolio customers looking for security advisory information about their applications, product security vulnerabilities are published at unify.com/en/support/security-advisories.

This information is provided on an "as is" basis and does not grant or imply any guarantees or warranties, including the warranties of merchantability or fitness for a particular use. Mitel does not guarantee that any of the information is accurate or up to date. By using the information, you acknowledge and agree that your use of the information, or the documents or materials linked to this information, is at your own risk. In addition, Mitel’s provision of this information shall not and does not affect the terms or conditions of any agreement with Mitel. Mitel reserves the right to change or update this information without notice at any time.

Click here for a more comprehensive details on Mitel’s Product Security Policy ›


STAY ONE STEP AHEAD

GET NOTIFICATIONS OF THE LATEST SECURITY ADVISORIES SENT RIGHT TO YOUR INBOX EVERY WEEK!

SIGN UP
Description Advisory ID CVE# Severity Publish Date Last Updated
MiVoice Connect Mobility Router Command Injection Vulnerability 23-0007 CVE-2023-31460 high 2023-05-17 2023-05-17
MiVoice Connect Mobility Router Default Password Vulnerability 23-0006 CVE-2023-31459 high 2023-05-17 2023-05-17
MiVoice Connect Default Password Vulnerability 23-0005 CVE-2023-31458 critical 2023-05-17 2023-05-17
MiVoice Connect Improper Access Control Vulnerability 23-0004 CVE-2023-31457 CVE-2023-32748 critical 2023-05-17 2023-05-17
MiVoice Connect Reflected Cross-site Scripting Vulnerability 23-0003 CVE-2023-25598 CVE-2023-25599 medium 2023-05-17 2023-05-17
MiCollab Authentication Vulnerability 23-0002 CVE-2023-25597 medium 2023-04-05 2023-04-05
MiContact Center Business Local File Inclusion Vulnerability 23-0001 CVE-2023-22854 high 2023-01-18 2023-01-18
Mitel MiCollab Authorization Control Vulnerability 22-0009 CVE-2022-41326 critical 2022-10-12 2022-10-12
MiVoice Connect Code Injection Vulnerability 22-0008 CVE-2022-41223 medium 2022-10-12 2022-10-13
MiVoice Connect Command Injection Vulnerability 22-0007 CVE-2022-40765 medium 2022-10-12 2022-10-13
Mitel MiCollab Multiple Security Vulnerabilities 22-0006 CVE-2022-36451 CVE-2022-36452 CVE-2022-36453 CVE-2022-36454 medium 2022-07-27 2022-08-29
MiVoice Business, MiVoice Business Express Buffer Overflow Vulnerability 22-0005 CVE-2022-31784 critical 2022-06-08 2022-06-08
Mitel 6800 Series SIP Phone and 6900 Series SIP Phone Access Control Vulnerability 22-0004 CVE-2022-29855 medium 2022-05-03 2022-05-03
Mitel 6900 Series IP Phone Access Control Vulnerability 22-0003 CVE-2022-29854 medium 2022-05-03 2022-05-12
MiVoice Connect Data Validation Vulnerability 22-0002 CVE-2022-29499 critical 2022-04-19 2022-07-06
MiCollab, MiVoice Business Express Access Control Vulnerability 22-0001 CVE-2022-26143 critical 2022-02-22 2022-03-11
Vulnerability in Apache Log4j Libraries Affecting Mitel Products 21-0010 CVE-2021-44228 CVE-2021-45046 CVE-2021-45105 CVE-2021-44832 CVE-2021-4104 CVE-2022-23302 CVE-2022-23305 CVE-2022-23307 critical 2021-12-13 2022-11-16
Mitel Interaction Call Recording Vulnerability 21-0006 CVE-2021-37586 medium 2021-08-02 2021-08-02
Mitel MiCollab Multiple Security Vulnerabilities 21-0005 CVE-2021-32067 CVE-2021-32072 CVE-2021-32068 CVE-2021-32071 CVE-2021-32069 CVE-2021-32070 high to medium 2021-05-24 2021-05-24
Mitel MiCollab Multiple Security Vulnerabilities 21-0004 CVE-2021-27402 CVE-2021-27401 medium 2021-03-09 2021-03-09

Stay One Step Ahead

Ready to talk to sales? Contact us.
Find a Partner (844) 319-5912 Email Us