CVE-2024-42514

HIGH

8.1

Beschreibung

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to conduct an unauthorized access attack due to inadequate access control checks. A successful exploit requires user interaction and could allow an attacker to access sensitive information and send unauthorized messages during an active chat session.

CVE Details

CVSS v3.1 Bewertung8.1

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionREQUIRED

Veroffentlicht10/1/2024

Zuletzt geandert5/30/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

mitel:micontact_center_business

Schwachen (CWE)

CWE-284

Referenzen

https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_24-0024-001-v2.pdf(cve@mitre.org)

https://www.mitel.com/support/security-advisories(cve@mitre.org)

https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0024(cve@mitre.org)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.