Security Advisory

CVE-2023-39285

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-14 00:00:00
Last updated 2024-09-25 20:07:55
Assigner mitre
State PUBLISHED

Description

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 (22.24.5800.0) could allow an unauthenticated attacker to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. A successful exploit could allow an attacker to provide a modified URL, potentially enabling them to modify system configuration settings.