Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request.
Fixes

Solution

AMTELCO has developed an update, Version 6.3, that resolves these vulnerabilities. Schedule an upgrade by emailing or calling AMTELCO’s Field Engineering Department at: email:  https://service.amtelco.com/INFINITY/MSM/MSM6.2SecurityBriefing.pdf


Workaround

No workaround given by the vendor.

History

Thu, 02 Oct 2025 22:45:00 +0000

Type Values Removed Values Added
Title AMTELCO miSecure Information Exposure
Weaknesses CWE-200
References
Metrics cvssV2_0

{'score': 3.5, 'vector': 'AV:N/AC:M/Au:S/C:P/I:N/A:N'}

cvssV2_0

{'score': 7, 'vector': 'AV:N/AC:M/Au:S/C:C/I:P/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2025-10-02T22:36:07.818Z

Reserved: 2014-03-13T00:00:00

Link: CVE-2014-2347

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2014-05-06T10:44:06.050

Modified: 2025-10-02T23:15:30.657

Link: CVE-2014-2347

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.