← back
CVE-2024-31965

CVE-2024-31965

CVSS 4.2 MEDIUMEPSS 0.2%CWE-20CWE-22
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.2EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
02 May 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an authenticated attacker with administrative privilege to conduct a path traversal attack due to insufficient input validation. A successful exploit could allow an attacker to access sensitive information.
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected products
n/a · n/a