SECURITY ADVISORIES

Mitel Product Security Advisories are published for moderate and high-risk security issues. Each advisory provides information on the status of investigation and provides additional information on products confirmed to be affected and recommended action to be taken by customers. Advisories are posted in reverse chronological order.


This information is provided on an "as is" basis and does not grant or imply any guarantees or warranties, including the warranties of merchantability or fitness for a particular use. Mitel does not guarantee that any of the information is accurate or up to date. By using the information, you acknowledge and agree that your use of the information, or the documents or materials linked to this information, is at your own risk. In addition, Mitel’s provision of this information shall not and does not affect the terms or conditions of any agreement with Mitel. Mitel reserves the right to change or update this information without notice at any time.

Click here for a more comprehensive details on Mitel’s Product Security Policy ›


STAY ONE STEP AHEAD

GET NOTIFICATIONS OF THE LATEST SECURITY ADVISORIES SENT RIGHT TO YOUR INBOX EVERY WEEK!

SIGN UP
Description Advisory ID CVE# Severity Publish Date Last Updated
NTPD Vulnerabilities 16-0004 CVE-2015-8138 medium 2016-03-07 2016-05-02
DROWN: Breaking TLS using SSLv2 (CVE-2016-0800) OBSO-1603-02 CVE-2016-0800 info 2016-03-02 2016-10-21
Unify SLES 11-based Server Applications – Support of SLES 11 SP4 OBSO-1603-01 - info 2016-03-01 2016-03-01
glibc: getaddrinfo stack-based buffer overflow (CVE-2015-7547) 16-0007 CVE-2015-7547 high 2016-02-25 2016-05-02
Glibc libresolv – Stack-based Buffer Overflow Vulnerability (CVE-2015-7547) OBSO-1602-02 CVE-2015-7547 high 2016-02-19 2016-04-29
OpenScape Accounting Management – Virus Alert in Installation Procedure OBSO-1602-01 - info 2016-02-05 2016-09-29
OpenSSH Client Vulnerabilities 16-0003 CVE-2016-0777 CVE-2016-0778 info 2016-02-01 2016-02-01
Multiple Weaknesses in Mitel 6700/6800 series SIP phones 16-0002 N/A low 2016-02-01 2016-02-01
SQL Injection Vulnerability in MiCollab 16-0001 N/A high 2016-02-01 2016-02-01
OpenSSH Client Information Leak Vulnerability (CVE-2016-0777) OBSO-1601-01 CVE-2016-0777 low 2016-01-26 2016-04-04
Apache Tomcat Denial of Service Vulnerability in ChunkedInputFilter (CVE-2014-0227) OBSO-1512-04 CVE-2014-0227 medium 2015-12-30 2016-01-22
OpenSSH Login Handling Security Bypass Vulnerability (CVE-2015-5600) OBSO-1512-03 CVE-2015-5600 medium 2015-12-30 2016-10-25
Multiple Unify Products – TLS Denial of Service Vulnerability in OpenSSL Certificate Verification (CVE-2015-3194) OBSO-1512-02 CVE-2015-3194 medium 2015-12-23 2018-03-27
OpenScape Voice – MTLS-SIP Denial of Service Vulnerability in OpenSSL Certificate Verification (CVE-2015-0286) OBSO-1512-01 CVE-2015-0286 medium 2015-12-23 2015-12-23
Java Deserialization Vulnerability 15-0013 N/A medium 2015-12-04 2016-02-01
Multiple Oracle Java Vulnerabilities 15-0012 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4734 CVE-2015-4748 CVE-2015-4760 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911 high to medium 2015-12-04 2016-05-02
Non-unique X.509 certificates in OpenStage / OpenScape Desk Phone IP (CVE-2015-8251) OBSO-1511-02 CVE-2015-8251 medium 2015-11-30 2015-11-30
Deserialisation of Java-objects – Vulnerability in Applications involving Apache Commons-Collections Classes (CVE-2015-8237/CVE-2015-8238) OBSO-1511-01 CVE-2015-8237, CVE-2015-8238 high 2015-11-17 2016-01-22
Security Advisory for MiCC 15-0007 N/A low 2015-11-04 2015-11-04
OpenScape Xpressions – unauthorized external calls via guest access (CVE-2015-7693) OBSO-1510-01 CVE-2015-7693 medium 2015-10-26 2016-05-13

Stay One Step Ahead

Ready to talk to sales? Contact us.
Find a Partner +44 1291 430 000 Email Us