CVE-2020-13617
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/08/2020
Last modified:
01/09/2020
Description
The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:mitel:6863_firmware:*:*:*:*:*:*:*:* | 5.0 (including) | |
| cpe:2.3:o:mitel:6863_firmware:5.1:-:*:*:*:*:*:* | ||
| cpe:2.3:o:mitel:6863_firmware:5.1:sp1:*:*:*:*:*:* | ||
| cpe:2.3:o:mitel:6863_firmware:5.1:sp2:*:*:*:*:*:* | ||
| cpe:2.3:o:mitel:6863_firmware:5.1:sp3:*:*:*:*:*:* | ||
| cpe:2.3:o:mitel:6863_firmware:5.1:sp4:*:*:*:*:*:* | ||
| cpe:2.3:h:mitel:6863:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mitel:6865_firmware:*:*:*:*:*:*:*:* | 5.0 (including) | |
| cpe:2.3:o:mitel:6865_firmware:5.1:-:*:*:*:*:*:* | ||
| cpe:2.3:o:mitel:6865_firmware:5.1:sp1:*:*:*:*:*:* | ||
| cpe:2.3:o:mitel:6865_firmware:5.1:sp2:*:*:*:*:*:* | ||
| cpe:2.3:o:mitel:6865_firmware:5.1:sp3:*:*:*:*:*:* | ||
| cpe:2.3:o:mitel:6865_firmware:5.1:sp4:*:*:*:*:*:* | ||
| cpe:2.3:h:mitel:6865:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mitel:6867_firmware:*:*:*:*:*:*:*:* | 5.0 (including) |
To consult the complete list of CPE names with products and versions, see this page