SECURITY ADVISORIES

Mitel Product Security Advisories are published for moderate and high-risk security issues. Each advisory provides information on the status of investigation and provides additional information on products confirmed to be affected and recommended action to be taken by customers. Advisories are posted in reverse chronological order.


This information is provided on an "as is" basis and does not grant or imply any guarantees or warranties, including the warranties of merchantability or fitness for a particular use. Mitel does not guarantee that any of the information is accurate or up to date. By using the information, you acknowledge and agree that your use of the information, or the documents or materials linked to this information, is at your own risk. In addition, Mitel’s provision of this information shall not and does not affect the terms or conditions of any agreement with Mitel. Mitel reserves the right to change or update this information without notice at any time.

Click here for a more comprehensive details on Mitel’s Product Security Policy ›


STAY ONE STEP AHEAD

GET NOTIFICATIONS OF THE LATEST SECURITY ADVISORIES SENT RIGHT TO YOUR INBOX EVERY WEEK!

SIGN UP
Description Advisory ID CVE# Severity Publish Date Last Updated
OpenSSH: authentication limitsbypass (CVE-2015-5600) 15-0009 CVE-2015-5600 high 2015-09-04 2015-09-04
OpenStage 60 / OpenScape Desk Phone IP 55G – Local service exposure vulnerability (CVE-2015-5391) OBSO-1508-02 CVE-2015-5391 medium 2015-08-13 2015-08-13
OpenScape Contact Center CDSS – Multiple vulnerabilities fixed in V8 R2.10.11192 OBSO-1508-01 - medium 2015-08-05 2015-08-05
OpenSSL Alternative Chains Certificate Forgery (CVE-2015-1793) 15-0008 CVE-2015-1793 medium 2015-07-31 2015-07-31
CGI Flaw in MiCollab AWV 15-0006 N/A medium 2015-07-31 2015-07-31
Weakness in Diffie-Hellman key exchange / Logjam 15-0004 CVE-2015-1716 CVE-2015-4000 low 2015-07-31 2015-09-29
OpenScape UC Web Client and Desktop Client – Cross-Site Scripting (XSS) Vulnerability OBSO-1505-03 - medium 2015-05-22 2015-05-22
Leap Second on 2015-06-30 – Security Note for Unify Products OBSO-1505-01 - info 2015-05-21 2015-05-21
OpenStage / OpenScape Desk Phone IP – HTTP header parsing vulnerability (CVE-2014-9708) OBSO-1505-02 CVE-2014-9708 medium 2015-05-08 2015-08-13
Samba smbd – Remote Code Execution Vulnerability in netlogon server (CVE-2015-0240) OBSO-1503-02 CVE-2015-0240 high 2015-03-31 2015-03-31
OpenScape SBC V8 – SIP Authentication Bypass Vulnerability (CVE-2015-2057) OBSO-1503-01 CVE-2015-2057 high 2015-03-03 2015-03-24
OpenStage / OpenScape Desk Phone IP – Input Validation Vulnerability via Web Interface (CVE-2014-9563) OBSO-1501-02 CVE-2014-9563 low 2015-02-26 2015-02-26
GNU glibc Remote Buffer Overflow Vulnerability in gethostbyname – “Ghost” (CVE-2015-0235) OBSO-1501-04 CVE-2015-0235 low 2015-01-31 2016-10-10
OpenScape Business UC Suite – SQL Injection Vulnerability (CVE-2015-1183) OBSO-1501-03 CVE-2015-1183 high 2015-01-27 2015-01-27
OpenStage / OpenScape Desk Phone IP – Authentication Bypass Vulnerability in WPI Default Mode (CVE-2015-1184) OBSO-1501-01 CVE-2015-1184 high 2015-01-20 2015-03-24
Hardening of the Intelligent Platform Management Interface (IPMI) on Unify Servers OBSO-1412-03 - info 2014-12-31 2014-12-31
NTP – Multiple Stack Based Buffer Overflow Vulnerabilities (CVE-2014-9295) OBSO-1412-02 CVE-2014-9295 medium 2014-12-23 2015-01-27
Microsoft Windows Remote Code Execution Vulnerability in Schannel (“Winshock”, MS14-066, CVE-2014-6321) OBSO-1412-01 CVE-2014-6321 high 2014-12-01 2015-06-16
OpenScape Business – Getting Root Access OBSO-1410-03 - low 2014-10-24 2014-10-26
SSL 3.0 “POODLE” vulnerability (CVE-2014-3566) OBSO-1410-02 CVE-2014-3566 low 2014-10-17 2014-10-17

Stay One Step Ahead

Ready to talk to sales? Contact us.
Find a Partner +44 1291 430 000 Email Us