SECURITY ADVISORIES

Mitel Product Security Advisories are published for moderate and high-risk security issues. Each advisory provides information on the status of investigation and provides additional information on products confirmed to be affected and recommended action to be taken by customers. Advisories are posted in reverse chronological order.


This information is provided on an "as is" basis and does not grant or imply any guarantees or warranties, including the warranties of merchantability or fitness for a particular use. Mitel does not guarantee that any of the information is accurate or up to date. By using the information, you acknowledge and agree that your use of the information, or the documents or materials linked to this information, is at your own risk. In addition, Mitel’s provision of this information shall not and does not affect the terms or conditions of any agreement with Mitel. Mitel reserves the right to change or update this information without notice at any time.

Click here for a more comprehensive details on Mitel’s Product Security Policy ›


STAY ONE STEP AHEAD

GET NOTIFICATIONS OF THE LATEST SECURITY ADVISORIES SENT RIGHT TO YOUR INBOX EVERY WEEK!

Description Advisory ID CVE# Severity Publish Date Last Updated
Multiple Oracle Java Vulnerabilities 15-0012 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4734 CVE-2015-4748 CVE-2015-4760 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911 high to medium 2015-12-04 2016-05-02
Non-unique X.509 certificates in OpenStage / OpenScape Desk Phone IP (CVE-2015-8251) OBSO-1511-02 CVE-2015-8251 medium 2015-11-30 2015-11-30
Deserialisation of Java-objects – Vulnerability in Applications involving Apache Commons-Collections Classes (CVE-2015-8237/CVE-2015-8238) OBSO-1511-01 CVE-2015-8237, CVE-2015-8238 high 2015-11-17 2016-01-22
Security Advisory for MiCC 15-0007 N/A low 2015-11-04 2015-11-04
OpenScape Xpressions – unauthorized external calls via guest access (CVE-2015-7693) OBSO-1510-01 CVE-2015-7693 medium 2015-10-26 2016-05-13
OpenSSH: authentication limitsbypass (CVE-2015-5600) 15-0009 CVE-2015-5600 high 2015-09-04 2015-09-04
OpenStage 60 / OpenScape Desk Phone IP 55G – Local service exposure vulnerability (CVE-2015-5391) OBSO-1508-02 CVE-2015-5391 medium 2015-08-13 2015-08-13
OpenScape Contact Center CDSS – Multiple vulnerabilities fixed in V8 R2.10.11192 OBSO-1508-01 - medium 2015-08-05 2015-08-05
OpenSSL Alternative Chains Certificate Forgery (CVE-2015-1793) 15-0008 CVE-2015-1793 medium 2015-07-31 2015-07-31
CGI Flaw in MiCollab AWV 15-0006 N/A medium 2015-07-31 2015-07-31
Weakness in Diffie-Hellman key exchange / Logjam 15-0004 CVE-2015-1716 CVE-2015-4000 low 2015-07-31 2015-09-29
OpenScape UC Web Client and Desktop Client – Cross-Site Scripting (XSS) Vulnerability OBSO-1505-03 - medium 2015-05-22 2015-05-22
Leap Second on 2015-06-30 – Security Note for Unify Products OBSO-1505-01 - info 2015-05-21 2015-05-21
OpenStage / OpenScape Desk Phone IP – HTTP header parsing vulnerability (CVE-2014-9708) OBSO-1505-02 CVE-2014-9708 medium 2015-05-08 2015-08-13
Samba smbd – Remote Code Execution Vulnerability in netlogon server (CVE-2015-0240) OBSO-1503-02 CVE-2015-0240 high 2015-03-31 2015-03-31
OpenScape SBC V8 – SIP Authentication Bypass Vulnerability (CVE-2015-2057) OBSO-1503-01 CVE-2015-2057 high 2015-03-03 2015-03-24
OpenStage / OpenScape Desk Phone IP – Input Validation Vulnerability via Web Interface (CVE-2014-9563) OBSO-1501-02 CVE-2014-9563 low 2015-02-26 2015-02-26
GNU glibc Remote Buffer Overflow Vulnerability in gethostbyname – “Ghost” (CVE-2015-0235) OBSO-1501-04 CVE-2015-0235 low 2015-01-31 2016-10-10
OpenScape Business UC Suite – SQL Injection Vulnerability (CVE-2015-1183) OBSO-1501-03 CVE-2015-1183 high 2015-01-27 2015-01-27
OpenStage / OpenScape Desk Phone IP – Authentication Bypass Vulnerability in WPI Default Mode (CVE-2015-1184) OBSO-1501-01 CVE-2015-1184 high 2015-01-20 2015-03-24
Ready to talk to sales? Contact us.