N/A

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 (22.24.5800.0) could allow an unauthenticated attacker to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. A successful exploit could allow an attacker to provide a modified URL, potentially enabling them to modify system configuration settings.

N/A

N/A

Mitel MiVoice Connect 跨站请求伪造漏洞

Mitel MiVoice Connect是加拿大敏迪（Mitel）公司的一款用于集中管理Mitel Networks的呼叫处理和协作工具的软件。 Mitel MiVoice Connect 19.3 SP3 (22.24.5800.0)及之前版本存在安全漏洞，该漏洞源于请求验证不足，可能允许未经身份验证的攻击者执行跨站请求伪造 (CSRF) 攻击，攻击者利用该漏洞可以修改系统配置设置。

N/A

N/A