Mitel.MiVoice.Connect.CVE-2022-29499.Remote.Code.Execution
Description
This indicates an attack attempt against a Remote Code Execution vulnerability in Mitel MiVoice Connect.
The vulnerability is due to insufficient sanitizing of user supplied inputs when handling a crafted HTTP request. A remote unauthenticated attacker could exploit this to execute arbitrary code in the context of the application.
Affected Products
Mitel MiVoice Connect 19.2 SP3 and earlier
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0002
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |