CVE-2020-13617

The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
mitel6863_firmware
𝑥
≤ 5.0
mitel6863_firmware
5.1
mitel6863_firmware
5.1:sp1
mitel6863_firmware
5.1:sp2
mitel6863_firmware
5.1:sp3
mitel6863_firmware
5.1:sp4
mitel6865_firmware
𝑥
≤ 5.0
mitel6865_firmware
5.1
mitel6865_firmware
5.1:sp1
mitel6865_firmware
5.1:sp2
mitel6865_firmware
5.1:sp3
mitel6865_firmware
5.1:sp4
mitel6867_firmware
𝑥
≤ 5.0
mitel6867_firmware
5.1
mitel6867_firmware
5.1:sp1
mitel6867_firmware
5.1:sp2
mitel6867_firmware
5.1:sp3
mitel6867_firmware
5.1:sp4
mitel6869_firmware
𝑥
≤ 5.0
mitel6869_firmware
5.1
mitel6869_firmware
5.1:sp1
mitel6869_firmware
5.1:sp2
mitel6869_firmware
5.1:sp3
mitel6869_firmware
5.1:sp4
mitel6873_firmware
𝑥
≤ 5.0
mitel6873_firmware
5.1
mitel6873_firmware
5.1:sp1
mitel6873_firmware
5.1:sp2
mitel6873_firmware
5.1:sp3
mitel6873_firmware
5.1:sp4
mitel6940_firmware
𝑥
≤ 5.0
mitel6940_firmware
5.1
mitel6940_firmware
5.1:sp1
mitel6940_firmware
5.1:sp2
mitel6940_firmware
5.1:sp3
mitel6940_firmware
5.1:sp4
mitel6970_firmware
𝑥
≤ 5.0
mitel6970_firmware
5.1
mitel6970_firmware
5.1:sp1
mitel6970_firmware
5.1:sp2
mitel6970_firmware
5.1:sp3
mitel6970_firmware
5.1:sp4
mitel6930_firmware
𝑥
≤ 5.0
mitel6930_firmware
5.1
mitel6930_firmware
5.1:sp1
mitel6930_firmware
5.1:sp2
mitel6930_firmware
5.1:sp3
mitel6930_firmware
5.1:sp4
mitel6920_firmware
𝑥
≤ 5.0
mitel6920_firmware
5.1
mitel6920_firmware
5.1:sp1
mitel6920_firmware
5.1:sp2
mitel6920_firmware
5.1:sp3
mitel6920_firmware
5.1:sp4
mitel6905_firmware
𝑥
≤ 5.0
mitel6905_firmware
5.1
mitel6905_firmware
5.1:sp1
mitel6905_firmware
5.1:sp2
mitel6905_firmware
5.1:sp3
mitel6905_firmware
5.1:sp4
mitel6910_firmware
𝑥
≤ 5.0
mitel6910_firmware
5.1
mitel6910_firmware
5.1:sp1
mitel6910_firmware
5.1:sp2
mitel6910_firmware
5.1:sp3
mitel6910_firmware
5.1:sp4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.mitel.com/support/security-advisories
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0007
https://www.mitel.com/support/security-advisories
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0007