SECURITY ADVISORIES

Mitel Product Security Advisories are published for moderate and high-risk security issues. Each advisory provides information on the status of investigation and provides additional information on products confirmed to be affected and recommended action to be taken by customers. Advisories are posted in reverse chronological order.


This information is provided on an "as is" basis and does not grant or imply any guarantees or warranties, including the warranties of merchantability or fitness for a particular use. Mitel does not guarantee that any of the information is accurate or up to date. By using the information, you acknowledge and agree that your use of the information, or the documents or materials linked to this information, is at your own risk. In addition, Mitel’s provision of this information shall not and does not affect the terms or conditions of any agreement with Mitel. Mitel reserves the right to change or update this information without notice at any time.

Click here for a more comprehensive details on Mitel’s Product Security Policy ›


STAY ONE STEP AHEAD

GET NOTIFICATIONS OF THE LATEST SECURITY ADVISORIES SENT RIGHT TO YOUR INBOX EVERY WEEK!

Description Advisory ID CVE# Severity Publish Date Last Updated
XSS Vulnerability in MiCollab AWV 16-0012 N/A high 2016-06-03 2016-06-03
Multiple Vulnerabilities in ImageMagick 16-0011 CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718 high 2016-05-09 2016-06-03
Authentication Bypass and Toll-Fraud on MiVoice Office 250 / Mitel 5000 16-0009 N/A high 2016-03-18 2016-03-18
DROWN (OpenSSL vulnerability) - CVE-2016-0800 16-0008 CVE-2016-0800 medium 2016-03-07 2016-03-07
XSS vulnerability in MiCC 7.x 16-0005 N/A medium 2016-03-07 2016-03-07
NTPD Vulnerabilities 16-0004 CVE-2015-8138 medium 2016-03-07 2016-05-02
DROWN: Breaking TLS using SSLv2 (CVE-2016-0800) OBSO-1603-02 CVE-2016-0800 info 2016-03-02 2016-10-21
Unify SLES 11-based Server Applications – Support of SLES 11 SP4 OBSO-1603-01 - info 2016-03-01 2016-03-01
glibc: getaddrinfo stack-based buffer overflow (CVE-2015-7547) 16-0007 CVE-2015-7547 high 2016-02-25 2016-05-02
Glibc libresolv – Stack-based Buffer Overflow Vulnerability (CVE-2015-7547) OBSO-1602-02 CVE-2015-7547 high 2016-02-19 2016-04-29
OpenScape Accounting Management – Virus Alert in Installation Procedure OBSO-1602-01 - info 2016-02-05 2016-09-29
OpenSSH Client Vulnerabilities 16-0003 CVE-2016-0777 CVE-2016-0778 info 2016-02-01 2016-02-01
Multiple Weaknesses in Mitel 6700/6800 series SIP phones 16-0002 N/A low 2016-02-01 2016-02-01
SQL Injection Vulnerability in MiCollab 16-0001 N/A high 2016-02-01 2016-02-01
OpenSSH Client Information Leak Vulnerability (CVE-2016-0777) OBSO-1601-01 CVE-2016-0777 low 2016-01-26 2016-04-04
Apache Tomcat Denial of Service Vulnerability in ChunkedInputFilter (CVE-2014-0227) OBSO-1512-04 CVE-2014-0227 medium 2015-12-30 2016-01-22
OpenSSH Login Handling Security Bypass Vulnerability (CVE-2015-5600) OBSO-1512-03 CVE-2015-5600 medium 2015-12-30 2016-10-25
Multiple Unify Products – TLS Denial of Service Vulnerability in OpenSSL Certificate Verification (CVE-2015-3194) OBSO-1512-02 CVE-2015-3194 medium 2015-12-23 2018-03-27
OpenScape Voice – MTLS-SIP Denial of Service Vulnerability in OpenSSL Certificate Verification (CVE-2015-0286) OBSO-1512-01 CVE-2015-0286 medium 2015-12-23 2015-12-23
Java Deserialization Vulnerability 15-0013 N/A medium 2015-12-04 2016-02-01
Ready to talk to sales? Contact us.