A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an authenticated attacker with administrative privilege to conduct an argument injection attack due to insufficient parameter sanitization. A successful exploit could allow an attacker to access sensitive information, modify system configuration or execute arbitrary commands.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-05-02T00:00:00
Updated: 2024-08-02T01:59:50.762Z
Reserved: 2024-04-08T00:00:00
Link: CVE-2024-31966
Vulnrichment
Updated: 2024-06-14T19:07:55.897Z
NVD
Status : Awaiting Analysis
Published: 2024-05-02T16:15:08.020
Modified: 2024-07-03T01:55:39.753
Link: CVE-2024-31966
Redhat
No data.