CVE-2020-13617
Last modified
CVE-2020-13617 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts.. EPSS estimates a 1.15% chance of exploitation in the next 30 days.
Description
The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Mitel | 6863 Firmware | <= 5.0 |
| Mitel | 6863 Firmware | 5.1 |
| Mitel | 6865 Firmware | <= 5.0 |
| Mitel | 6865 Firmware | 5.1 |
| Mitel | 6867 Firmware | <= 5.0 |
| Mitel | 6867 Firmware | 5.1 |
| Mitel | 6869 Firmware | <= 5.0 |
| Mitel | 6869 Firmware | 5.1 |
| Mitel | 6873 Firmware | <= 5.0 |
| Mitel | 6873 Firmware | 5.1 |
| Mitel | 6940 Firmware | <= 5.0 |
| Mitel | 6940 Firmware | 5.1 |
| Mitel | 6970 Firmware | <= 5.0 |
| Mitel | 6970 Firmware | 5.1 |
| Mitel | 6930 Firmware | <= 5.0 |
| Mitel | 6930 Firmware | 5.1 |
| Mitel | 6920 Firmware | <= 5.0 |
| Mitel | 6920 Firmware | 5.1 |
| Mitel | 6905 Firmware | <= 5.0 |
| Mitel | 6905 Firmware | 5.1 |
| Mitel | 6910 Firmware | <= 5.0 |
| Mitel | 6910 Firmware | 5.1 |
References
- https://www.mitel.com/support/security-advisoriesVendor Advisory
- https://www.mitel.com/support/security-advisoriesVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-13617?
How severe is CVE-2020-13617?
How do I fix CVE-2020-13617?
Are you affected by CVE-2020-13617?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST