Mitel Product Security Advisory 19-0005

Linux Sudo Bypass of User Restrictions Vulnerability

Advisory ID: 19-0005

First Issue Date: (2019-11-12)

Last Updated: 2019-11-26

Revision: 1.1

Summary

A new vulnerability was recently discovered in the sudo package used in Linux and related operating systems. The sudo vulnerability is a security policy bypass that provides a user or a program the ability to execute commands as high privilege root user on a Linux system. Exploiting the vulnerability requires the user to have sudo privileges that allow them to run commands with any arbitrary user ID other than root.

Risk Assessment

Mitel Products are not vulnerable to this issue. Mitel products by default are configured with Linux operating systems user restrictions, access mechanisms such as local accounts and security policy bypass are not permitted.

Affected Products

Mitel Products are not vulnerable to this issue. Updates will be provided to this Advisory if required.

Related CVEs / CWEs / Advisories

CVE-2019-14287

Revision History

Version	Date	Description
1.0	2019-11-12	Initial version
1.1	2019-11-26	Updated

First Name

Last Name

Email Address

Relationship to Mitel

By providing the above information, you agree that we may process your personal data in accordance with our Privacy Policy.

Do you agree to the terms and conditions of using our services?