Mivoice Business
Vulnerabilities
2
Known exploited
0
Max CVSS
9.8
Top EPSS
0.60631
Severity breakdown
Critical
1
High
0
Medium
1
Low
0
Affected version ranges
≤ 9.3.0.27
Also matched as (raw): micollab,mivoic_mx-one,mivoice_connect,micloud_management_portal,mivoice_business,mivoice_business_express,mivoice_5000,mivoice_border_gateway,open_integration_gateway
Top vulnerabilities
CVE-2022-31784A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker (that has network access to the management interface) to conduct a buffer overflow attack due to insufficient validation of URL parameters. A successful exploit could allow arbitrary code execution.
CVE-2018-3639Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.