Search criteria
4 vulnerabilities found for 6920_firmware by mitel
CVE-2020-13617 (GCVE-0-2020-13617)
Vulnerability from nvd – Published: 2020-08-26 18:02 – Updated: 2024-08-04 12:25
VLAI?
Summary
The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:25:16.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitel.com/support/security-advisories"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-06-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-26T18:02:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mitel.com/support/security-advisories"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0007"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13617",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitel.com/support/security-advisories",
"refsource": "MISC",
"url": "https://www.mitel.com/support/security-advisories"
},
{
"name": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0007",
"refsource": "CONFIRM",
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0007"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13617",
"datePublished": "2020-08-26T18:02:00",
"dateReserved": "2020-05-26T00:00:00",
"dateUpdated": "2024-08-04T12:25:16.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18863 (GCVE-0-2019-18863)
Vulnerability from nvd – Published: 2020-03-02 17:52 – Updated: 2024-08-05 02:02
VLAI?
Summary
A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900 SIP series phones, versions 5.1.0.2051 SP2 and earlier, could allow an attacker to launch a man-in-the-middle attack when SRTP is used in a call. A successful exploit may allow the attacker to intercept sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitel.com/support/security-advisories"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-19-0006"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900 SIP series phones, versions 5.1.0.2051 SP2 and earlier, could allow an attacker to launch a man-in-the-middle attack when SRTP is used in a call. A successful exploit may allow the attacker to intercept sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-02T17:52:37",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mitel.com/support/security-advisories"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-19-0006"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900 SIP series phones, versions 5.1.0.2051 SP2 and earlier, could allow an attacker to launch a man-in-the-middle attack when SRTP is used in a call. A successful exploit may allow the attacker to intercept sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitel.com/support/security-advisories",
"refsource": "MISC",
"url": "https://www.mitel.com/support/security-advisories"
},
{
"name": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-19-0006",
"refsource": "CONFIRM",
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-19-0006"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18863",
"datePublished": "2020-03-02T17:52:37",
"dateReserved": "2019-11-11T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13617 (GCVE-0-2020-13617)
Vulnerability from cvelistv5 – Published: 2020-08-26 18:02 – Updated: 2024-08-04 12:25
VLAI?
Summary
The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:25:16.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitel.com/support/security-advisories"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-06-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-26T18:02:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mitel.com/support/security-advisories"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0007"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13617",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitel.com/support/security-advisories",
"refsource": "MISC",
"url": "https://www.mitel.com/support/security-advisories"
},
{
"name": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0007",
"refsource": "CONFIRM",
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0007"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13617",
"datePublished": "2020-08-26T18:02:00",
"dateReserved": "2020-05-26T00:00:00",
"dateUpdated": "2024-08-04T12:25:16.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18863 (GCVE-0-2019-18863)
Vulnerability from cvelistv5 – Published: 2020-03-02 17:52 – Updated: 2024-08-05 02:02
VLAI?
Summary
A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900 SIP series phones, versions 5.1.0.2051 SP2 and earlier, could allow an attacker to launch a man-in-the-middle attack when SRTP is used in a call. A successful exploit may allow the attacker to intercept sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitel.com/support/security-advisories"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-19-0006"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900 SIP series phones, versions 5.1.0.2051 SP2 and earlier, could allow an attacker to launch a man-in-the-middle attack when SRTP is used in a call. A successful exploit may allow the attacker to intercept sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-02T17:52:37",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mitel.com/support/security-advisories"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-19-0006"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900 SIP series phones, versions 5.1.0.2051 SP2 and earlier, could allow an attacker to launch a man-in-the-middle attack when SRTP is used in a call. A successful exploit may allow the attacker to intercept sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitel.com/support/security-advisories",
"refsource": "MISC",
"url": "https://www.mitel.com/support/security-advisories"
},
{
"name": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-19-0006",
"refsource": "CONFIRM",
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-19-0006"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18863",
"datePublished": "2020-03-02T17:52:37",
"dateReserved": "2019-11-11T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}