The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA.
References
Link | Resource |
---|---|
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0002 | Vendor Advisory |
Configurations
History
05 May 2022, 18:25
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mitel mivoice Connect
Mitel |
|
CPE | cpe:2.3:a:mitel:mivoice_connect:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 10.0
v3 : 9.8 |
CWE | CWE-20 | |
References | (CONFIRM) https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0002 - Vendor Advisory |
26 Apr 2022, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-26 02:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-29499
Mitre link : CVE-2022-29499
CVE.ORG link : CVE-2022-29499
JSON object : View
Products Affected
mitel
- mivoice_connect
CWE
CWE-20
Improper Input Validation