SECURITY ADVISORIES

Mitel Product Security Advisories are published for moderate and high-risk security issues. Each advisory provides information on the status of investigation and provides additional information on products confirmed to be affected and recommended action to be taken by customers. Advisories are posted in reverse chronological order.


This information is provided on an "as is" basis and does not grant or imply any guarantees or warranties, including the warranties of merchantability or fitness for a particular use. Mitel does not guarantee that any of the information is accurate or up to date. By using the information, you acknowledge and agree that your use of the information, or the documents or materials linked to this information, is at your own risk. In addition, Mitel’s provision of this information shall not and does not affect the terms or conditions of any agreement with Mitel. Mitel reserves the right to change or update this information without notice at any time.

Click here for a more comprehensive details on Mitel’s Product Security Policy ›


STAY ONE STEP AHEAD

GET NOTIFICATIONS OF THE LATEST SECURITY ADVISORIES SENT RIGHT TO YOUR INBOX EVERY WEEK!

Description Advisory ID CVE# Severity Publish Date Last Updated
Spring Framework Remote Code Execution Vulnerability (Spring4Shell, CVE-2022-22965) OBSO-2204-01 CVE-2022-22965 critical 2022-04-04 2022-04-14
Path Traversal vulnerability within Atos Unify OpenScape Deployment Service OBSO-2203-03 - high 2022-03-16 2022-03-16
Linux Kernel lib/iov_iter.c Multiple Functions Missing Flag Initialization Read-only File Overwrite Local Privilege Escalation (CVE-2022-0847/Dirty Pipe) OBSO-2203-02 CVE-2022-0847 medium 2022-03-16 2023-01-16
Remote code execution vulnerability in Atos Unify OpenScape SBC , Atos Unify OpenScape Branch and Atos Unify OpenScape BCF (CVE-2022-36444) OBSO-2203-01 CVE-2022-36444 high 2022-03-03 2022-03-14
MiCollab, MiVoice Business Express Access Control Vulnerability 22-0001 CVE-2022-26143 critical 2022-02-22 2022-03-11
Security Update Advisory for Atos Unify OpenScape Composer OBSO-2202-02 - high 2022-02-07 2022-02-07
pwnkit: Local Privilege Escalation in polkit’s pkexec (CVE-2021-4034) OBSO-2202-01 CVE-2021-4034 high 2022-02-03 2022-08-12
Directory Traversal vulnerability in Atos Unify OpenScape Xpressions OBSO-2201-02 - high 2022-01-24 2022-02-10
Apache Log4j JMSAppender Class Configuration Property Handling JNDI Lookup Local Privilege Escalation Weakness (CVE-2021-4104) OBSO-2201-01 CVE-2021-4104 medium to high 2022-01-18 2023-01-16
Critical vulnerability in Apache Log4j (Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105 OBSO-2112-01 CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 high 2021-12-13 2022-06-29
Vulnerability in Apache Log4j Libraries Affecting Mitel Products 21-0010 CVE-2021-44228 CVE-2021-45046 CVE-2021-45105 CVE-2021-44832 CVE-2021-4104 CVE-2022-23302 CVE-2022-23305 CVE-2022-23307 critical 2021-12-13 2022-11-16
Atos Unify OpenScape Concierge Vulnerabilities and Configuration Note OBSO-2111-01 - high 2021-11-22 2022-01-05
Atos Unify Product Security Configuration Note OBSO-2110-01 - info 2021-10-14 2021-10-14
Mitel Interaction Call Recording Vulnerability 21-0006 CVE-2021-37586 medium 2021-08-02 2021-08-02
Update of Security Checklist for Atos Unify OpenScape Alarm Response OBSO-2107-02 - info 2021-07-26 2021-07-26
Local privilege escalation vulnerability within Atos Unify OpenScape 4000 Assistant and Atos Unify OpenScape 4000 Manager OBSO-2107-01 - medium 2021-07-01 2022-04-01
Mitel MiCollab Multiple Security Vulnerabilities 21-0005 CVE-2021-32067 CVE-2021-32072 CVE-2021-32068 CVE-2021-32071 CVE-2021-32069 CVE-2021-32070 high to medium 2021-05-24 2021-05-24
OpenSSL Remote Denial of Service vulnerability (CVE-2021-3449) OBSO-2103-01 CVE-2021-3449 high 2021-03-31 2022-01-25
Mitel MiCollab Multiple Security Vulnerabilities 21-0004 CVE-2021-27402 CVE-2021-27401 medium 2021-03-09 2021-03-09
Mitel MiContact Center Enterprise - Directory Traversal Vulnerability 21-0003 CVE-2021-26714 critical 2021-02-16 2021-02-16
Ready to talk to sales? Contact us.