{ "id": "CVE-2020-13617", "sourceIdentifier": "cve@mitre.org", "published": "2020-08-26T18:15:10.113", "lastModified": "2024-11-21T05:01:36.643", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts." }, { "lang": "es", "value": "El componente de la Interfaz de Usuario Web de los Tel\u00e9fonos SIP de la Serie Mitel MiVoice 6800 y 6900 con versiones de firmware anteriores a 5.1.0.SP5, podr\u00eda permitir a un atacante no autenticado exponer informaci\u00f3n confidencial debido a un manejo inapropiado de la memoria durante los intentos fallidos de inicio de sesi\u00f3n" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "baseScore": 5.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-307" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6863_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.0", "matchCriteriaId": "F7AE79A3-8F8B-4964-93A0-734C6982AF80" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6863_firmware:5.1:-:*:*:*:*:*:*", "matchCriteriaId": "60148792-AA6E-4D0E-A919-92CFBDA93427" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6863_firmware:5.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "580264D3-8677-4C5C-82E2-038C3CE9E321" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6863_firmware:5.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "714633DB-BF06-4C59-9CE6-01C6C3BE4DFA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6863_firmware:5.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "80ABBFBA-BA41-4163-99D4-1B0341BDFFCE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6863_firmware:5.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "EA3EC57A-E03B-44A8-AC15-3FF696EEAA1E" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:mitel:6863:-:*:*:*:*:*:*:*", "matchCriteriaId": "8931208E-AE65-4BFA-98C6-9BFC7F17167E" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6865_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.0", "matchCriteriaId": "FF357FE4-9FF1-4EA8-8C23-80FEA0098079" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6865_firmware:5.1:-:*:*:*:*:*:*", "matchCriteriaId": "B47EF143-7163-494E-839F-24FF05FE0908" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6865_firmware:5.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "9E076FEB-C607-48B1-BA7B-2EAABB4F5E97" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6865_firmware:5.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "6178F195-9543-4D2B-A5BA-2D2CA1B3D1D0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6865_firmware:5.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "373CC71D-10BB-4EB2-858E-31658F8A2FDE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6865_firmware:5.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "C6041B7B-D4BF-4298-AC53-FEC62C468289" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:mitel:6865:-:*:*:*:*:*:*:*", "matchCriteriaId": "031C26C6-91DA-4876-B2B3-7F903527D9DE" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6867_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.0", "matchCriteriaId": "E4CCE18F-073D-4CB4-81FD-1DCBC3C95EB1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6867_firmware:5.1:-:*:*:*:*:*:*", "matchCriteriaId": "1A073A3C-4F10-4AB6-A4C6-808C27DCD7C3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6867_firmware:5.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "7F8D49A0-B21E-4DBF-919A-C859B56A72B9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6867_firmware:5.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "EAFCF656-7180-49AC-BCB4-9C878D808E49" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6867_firmware:5.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "8E94FE44-81C7-437E-9079-4F1AB58FC328" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6867_firmware:5.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "A080097A-3C0D-4CAA-81C5-4AF34DB183ED" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:mitel:6867:-:*:*:*:*:*:*:*", "matchCriteriaId": "3CA28BDA-2FE9-4D6C-B209-639FFC41BB82" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6869_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.0", "matchCriteriaId": "BDCC23D8-CDE8-44DA-ACD7-FB0E45F8EEB0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6869_firmware:5.1:-:*:*:*:*:*:*", "matchCriteriaId": "F9A4026F-B540-41D3-A8D4-ADBA3042DB3B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6869_firmware:5.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "DB2CFF02-1DA3-40A7-A8C1-B26EF961B21C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6869_firmware:5.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "137C5C8F-76EA-41BC-A49C-E175B3FFFEBC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6869_firmware:5.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "0D413BB8-B97D-4729-AB13-B71F102881D5" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6869_firmware:5.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "C47C4102-0361-4891-AE23-1AF8706417CA" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:mitel:6869:-:*:*:*:*:*:*:*", "matchCriteriaId": "06E937DB-9C85-4B51-B7C2-AE692C9DB1E7" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6873_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.0", "matchCriteriaId": "A9A7C4C1-74EB-4438-94B9-9900C9EF4CFE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6873_firmware:5.1:-:*:*:*:*:*:*", "matchCriteriaId": "2F65438A-A8D3-4B07-A0F4-046F0F373CA6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6873_firmware:5.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "131EA8EB-0F54-4BF5-BDC4-554E9D0A260B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6873_firmware:5.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "EA7ECE31-AE0F-4168-9FA9-5A5F4D1BDF92" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6873_firmware:5.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "D124E8A4-1C96-4D21-8D39-DFBF49D1CB3F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6873_firmware:5.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "5B8B4A44-67F2-4199-B66A-DF4DCE9DF697" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:mitel:6873:-:*:*:*:*:*:*:*", "matchCriteriaId": "E2A85278-841C-497E-86D5-A9B0C401EC09" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6940_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.0", "matchCriteriaId": "A2384567-4806-46BD-9317-94D868804794" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6940_firmware:5.1:-:*:*:*:*:*:*", "matchCriteriaId": "5F222056-AFC7-44FA-BB76-CEE9F4139F04" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6940_firmware:5.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "B86EAEC7-BFB5-488F-9CEB-27D57F6E7973" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6940_firmware:5.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "E07B64F3-206C-41D1-B0D1-FDA1B458CA06" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6940_firmware:5.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "959BA4C3-1E94-47F6-BB6E-92B44DED9B78" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6940_firmware:5.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "622145EA-842A-48B8-B6AD-3609A7E707F5" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:mitel:6940:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD3759B6-49DF-44A8-A49E-E2306966B966" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6970_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.0", "matchCriteriaId": "E50A91FB-CBC7-4BC0-B706-521BE23550D8" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6970_firmware:5.1:-:*:*:*:*:*:*", "matchCriteriaId": "44BF1E96-71A4-4194-8640-93CFA93C6728" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6970_firmware:5.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "7CDEE027-A1CC-4249-85E5-A49F9F3976BF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6970_firmware:5.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "E207BA5E-C5BF-4E9D-B6C7-46963EC04B8A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6970_firmware:5.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "50128192-03BE-4B3F-B137-86CE0F6A0F4B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6970_firmware:5.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "4B3A4E83-8BB3-4110-AA9B-E00A60FD85BD" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:mitel:6970:-:*:*:*:*:*:*:*", "matchCriteriaId": "651C4A02-AE83-4D6E-B49F-D756DF8032F3" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6930_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.0", "matchCriteriaId": "44298B54-C7E3-4047-9919-EE5E94426FC6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6930_firmware:5.1:-:*:*:*:*:*:*", "matchCriteriaId": "EF8174D1-8F9C-4A37-B81F-C065759ED7BF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6930_firmware:5.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "C7907AA2-1574-4DAF-8BD9-B353DAB65ECE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6930_firmware:5.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "8E961799-6917-4B11-8C3A-B89319CCF5EE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6930_firmware:5.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "3F0EE9B0-D37E-487D-A47C-048AC85E94C0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6930_firmware:5.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "DFD9DABD-628B-4EAA-884E-87F081F43525" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:mitel:6930:-:*:*:*:*:*:*:*", "matchCriteriaId": "92940D17-30A8-4F1C-95F7-9D7C922C58D8" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6920_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.0", "matchCriteriaId": "D01DFA7D-2F04-4474-804D-D98103A322E6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6920_firmware:5.1:-:*:*:*:*:*:*", "matchCriteriaId": "E0BE473D-B722-48D2-B858-1B4519491B53" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6920_firmware:5.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "E64AEF5A-5389-4285-B534-03E7B135A321" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6920_firmware:5.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "21F00CAA-56FD-4651-AEE4-584264BA5CBD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6920_firmware:5.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "DC20F25B-34EE-42D2-B477-2225AAD5905D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6920_firmware:5.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "8E6499F7-5DA6-48DB-A1F4-7FD5D02BB416" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:mitel:6920:-:*:*:*:*:*:*:*", "matchCriteriaId": "313C5AC0-5535-4D83-9404-D1EAA38A5FA6" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6905_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.0", "matchCriteriaId": "9138A81A-A3ED-4A93-8ACB-AE0073E03374" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6905_firmware:5.1:-:*:*:*:*:*:*", "matchCriteriaId": "27AED609-D33B-4E59-A4FD-85A19EA5FE24" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6905_firmware:5.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "6E31B15B-C8C7-4F0A-AA8A-ABF959C339A2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6905_firmware:5.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "3AD03CB5-F4CD-46A7-A7A7-E208995B8B69" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6905_firmware:5.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "6ED4FE3F-7C99-42C5-B11C-84DCD5C306E1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6905_firmware:5.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "29EDB71D-AC8E-4AA2-B2E3-3F3FB71B1DE2" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:mitel:6905:-:*:*:*:*:*:*:*", "matchCriteriaId": "BAD555D7-9F4C-46A1-B8DD-D60EB0BA6797" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6910_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.0", "matchCriteriaId": "BDBF6266-6159-45D4-B1CA-250B62772C7F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6910_firmware:5.1:-:*:*:*:*:*:*", "matchCriteriaId": "950AA5D9-5E52-4491-B904-0DAF2A2B0D91" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6910_firmware:5.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "6AC0F0FE-30C9-4A66-B159-883017426CFF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6910_firmware:5.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "CF182182-2560-44E0-BE1C-F21CF312344B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6910_firmware:5.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "730374AE-685E-4825-9891-39D3D9ECCB15" }, { "vulnerable": true, "criteria": "cpe:2.3:o:mitel:6910_firmware:5.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "31A1FAF6-21AE-43E7-89F1-910EA7865B79" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:mitel:6910:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD92F0F9-CC50-4C36-A7E8-751B6C98E8B4" } ] } ] } ], "references": [ { "url": "https://www.mitel.com/support/security-advisories", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0007", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "https://www.mitel.com/support/security-advisories", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0007", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] } ] }