Mitel MiVoice Connect <=9.6 Improper Config Allows Acc Enum
CVE-2023-39289 Published on August 25, 2023
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2023-39289 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2023-39289
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-39289 are published in Mitel Mivoice Connect:
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.