CVE-2024-36446
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2024-36446 is a vulnerability affecting Mitel MiVoice MX-ONE's provisioning manager component up to version 7.6 SP1. An authenticated attacker can exploit this issue by performing an authentication bypass attack due to insufficient access control. This weakness enables the attacker to bypass the authorization schema, potentially gaining unauthorized access to the system. Successful exploitation could lead to significant security implications, such as unauthorized configuration changes or data theft. Organizations using this product are urged to apply the necessary patches to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Mitel Networks