CVE-2024-42514

HIGH

8.1

Description

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to conduct an unauthorized access attack due to inadequate access control checks. A successful exploit requires user interaction and could allow an attacker to access sensitive information and send unauthorized messages during an active chat session.

Details CVE

Score CVSS v3.18.1

SeveriteHIGH

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurREQUIRED

Publie10/1/2024

Derniere modification5/30/2025

Sourcenvd

Observations honeypot0

Produits affectes

mitel:micontact_center_business

Faiblesses (CWE)

CWE-284

References

https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_24-0024-001-v2.pdf(cve@mitre.org)

https://www.mitel.com/support/security-advisories(cve@mitre.org)

https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0024(cve@mitre.org)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.