Refine your search
3 vulnerabilities found for MiVoice MX-ONE by Mitel
CERTFR-2026-AVI-0672
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Mitel. Elles permettent à un attaquant de provoquer une élévation de privilèges.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mitel | MiVoice Business | MiVoice Business toutes versions 10.3.x | ||
| Mitel | Mitel Open Integration Gateway | Mitel Open Integration Gateway toutes versions 4.3.x | ||
| Mitel | OpenScape SBC | OpenScape SBC version V10.3 sans le correctif de sécurité KB000127880 | ||
| Mitel | OpenScape Branch | OpenScape Branch version V10.3 sans le correctif de sécurité KB000127880 | ||
| Mitel | Mitel SIP DECT | Mitel SIP DECT toutes versions 10.x sans le correctif de sécurité KB000127880 | ||
| Mitel | OpenScape Xpert Clients 6010P | OpenScape Xpert Clients 6010P version V7 sans le correctif de sécurité KB000127880 | ||
| Mitel | Mitel Standard Linux | Mitel Standard Linux toutes versions 12.x | ||
| Mitel | MiVoice Business | MiVoice Business toutes versions 10.1.x | ||
| Mitel | MiVoice MX-ONE | MiVoice MX-ONE toutes versions 8.x sans le correctif de sécurité KB000127880 | ||
| Mitel | OpenScape Voice Server | OpenScape Voice Server version V10 sans le correctif de sécurité KB000127880 | ||
| Mitel | MiVoice MX-ONE | MiVoice MX-ONE toutes versions 7.3 à 7.8 sans le correctif de sécurité KB000127880 | ||
| Mitel | MiCollab | MiCollab toutes versions 10.x sans le correctif de sécurité KB000127880 | ||
| Mitel | OpenScape Voice Server | OpenScape Voice Server version V9R3 JITC sans le correctif de sécurité KB000127880 | ||
| Mitel | OpenScape 4000 | OpenScape 4000 version V11 R0.22 sans le correctif de sécurité KB000127880 | ||
| Mitel | OpenScape 4000 | OpenScape 4000 toutes versions V10 R1.x sans le correctif de sécurité KB000127880 | ||
| Mitel | OpenScape Xpert Clients 6010P | OpenScape Xpert Clients 6010P version V8 sans le correctif de sécurité KB000127880 | ||
| Mitel | OpenScape SBC | OpenScape SBC toutes versions V11.x sans le correctif de sécurité KB000127880 | ||
| Mitel | MiVoice Business | MiVoice Business toutes versions 10.4.x | ||
| Mitel | OpenScape Contact Media Service (used by Mitel CX and OpenScape Contact Center) | OpenScape Contact Media Service (used by Mitel CXand OpenScape Contact Center) toutes versions V12Rx sans le correctif de sécurité KB000127880 | ||
| Mitel | MiVoice 5000 | MiVoice 5000 toutes versions 8.x sans le correctif de sécurité KB000127880 | ||
| Mitel | MiVoice Business | MiVoice Business toutes versions 10.2.x | ||
| Mitel | OpenScape Voice Server | OpenScape Voice Server version V11 sans le correctif de sécurité KB000127880 | ||
| Mitel | Mitel Performance Analytics | Mitel Performance Analytics toutes versions 3.6x sans le correctif de sécurité KB000127880 | ||
| Mitel | MiVoice Business Solution Virtual Instance | MiVoice Business Solution Virtual Instance toutes versions 2.x | ||
| Mitel | OpenScape 4000 | OpenScape 4000 version V11 R1.26 sans le correctif de sécurité KB000127880 | ||
| Mitel | MiVoice Business | MiVoice Business toutes versions 10.5.x | ||
| Mitel | MiCloud Management Portal | MiCloud Management Portal toutes versions 6.3.x | ||
| Mitel | MiVoice Border Gateway | MiVoice Border Gateway toutes versions 12.x | ||
| Mitel | MiVoice Border Gateway | MiVoice Border Gateway toutes versions 11.6.x | ||
| Mitel | OpenScape Branch | OpenScape Branch toutes versions V11.x sans le correctif de sécurité KB000127880 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "MiVoice Business toutes versions 10.3.x",
"product": {
"name": "MiVoice Business",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "Mitel Open Integration Gateway toutes versions 4.3.x",
"product": {
"name": "Mitel Open Integration Gateway",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "OpenScape SBC version V10.3 sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "OpenScape SBC",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "OpenScape Branch version V10.3 sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "OpenScape Branch",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "Mitel SIP DECT toutes versions 10.x sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "Mitel SIP DECT",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "OpenScape Xpert Clients 6010P version V7 sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "OpenScape Xpert Clients 6010P",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "Mitel Standard Linux toutes versions 12.x",
"product": {
"name": "Mitel Standard Linux",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiVoice Business toutes versions 10.1.x",
"product": {
"name": "MiVoice Business",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiVoice MX-ONE toutes versions 8.x sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "MiVoice MX-ONE",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "OpenScape Voice Server version V10 sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "OpenScape Voice Server",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiVoice MX-ONE toutes versions 7.3 \u00e0 7.8 sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "MiVoice MX-ONE",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiCollab toutes versions 10.x sans le correctif de s\u00e9curit\u00e9 KB000127880 ",
"product": {
"name": "MiCollab",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "OpenScape Voice Server version V9R3 JITC sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "OpenScape Voice Server",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "OpenScape 4000 version V11 R0.22 sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "OpenScape 4000",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "OpenScape 4000 toutes versions V10 R1.x sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "OpenScape 4000",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "OpenScape Xpert Clients 6010P version V8 sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "OpenScape Xpert Clients 6010P",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "OpenScape SBC toutes versions V11.x sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "OpenScape SBC",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiVoice Business toutes versions 10.4.x",
"product": {
"name": "MiVoice Business",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "OpenScape Contact Media Service (used by Mitel CXand OpenScape Contact Center) toutes versions V12Rx sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "OpenScape Contact Media Service (used by Mitel CX and OpenScape Contact Center)",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiVoice 5000 toutes versions 8.x sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "MiVoice 5000",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiVoice Business toutes versions 10.2.x",
"product": {
"name": "MiVoice Business",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "OpenScape Voice Server version V11 sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "OpenScape Voice Server",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "Mitel Performance Analytics toutes versions 3.6x sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "Mitel Performance Analytics",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiVoice Business Solution Virtual Instance toutes versions 2.x",
"product": {
"name": "MiVoice Business Solution Virtual Instance",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "OpenScape 4000 version V11 R1.26 sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "OpenScape 4000",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiVoice Business toutes versions 10.5.x",
"product": {
"name": "MiVoice Business",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiCloud Management Portal toutes versions 6.3.x",
"product": {
"name": "MiCloud Management Portal",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiVoice Border Gateway toutes versions 12.x",
"product": {
"name": "MiVoice Border Gateway",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiVoice Border Gateway toutes versions 11.6.x",
"product": {
"name": "MiVoice Border Gateway",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "OpenScape Branch toutes versions V11.x sans le correctif de s\u00e9curit\u00e9 KB000127880",
"product": {
"name": "OpenScape Branch",
"vendor": {
"name": "Mitel",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-43284",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43284"
},
{
"name": "CVE-2026-43500",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43500"
}
],
"initial_release_date": "2026-06-01T00:00:00",
"last_revision_date": "2026-06-01T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0672",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-01T00:00:00.000000"
}
],
"risks": [
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Mitel. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mitel",
"vendor_advisories": [
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Mitel MISA-2026-0004",
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2026-0004"
}
]
}
CERTFR-2025-AVI-0618
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Mitel. Elles permettent à un attaquant de provoquer une injection SQL (SQLi) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Les correctifs pour MiVoice MX-ONE version 7.3 et postérieures sont disponibles à la discrétion de Mitel.
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mitel | MiCollab | MiCollab versions antérieures à 9.8 SP3 FP1 (9.8.3.103) | ||
| Mitel | MiVoice MX-ONE | MiVoice MX-ONE versions 7.8 sans le correctif MXO-15711_78SP0 | ||
| Mitel | MiVoice MX-ONE | MiVoice MX-ONE versions 7.8 SP1 sans le correctif MXO-15711_78SP1 | ||
| Mitel | MiCollab | MiCollab versions 10.x antérieures à 10.1 (10.1.0.10) |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "MiCollab versions ant\u00e9rieures \u00e0 9.8 SP3 FP1 (9.8.3.103)",
"product": {
"name": "MiCollab",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiVoice MX-ONE versions 7.8 sans le correctif MXO-15711_78SP0",
"product": {
"name": "MiVoice MX-ONE",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiVoice MX-ONE versions 7.8 SP1 sans le correctif MXO-15711_78SP1",
"product": {
"name": "MiVoice MX-ONE",
"vendor": {
"name": "Mitel",
"scada": false
}
}
},
{
"description": "MiCollab versions 10.x ant\u00e9rieures \u00e0 10.1 (10.1.0.10)",
"product": {
"name": "MiCollab",
"vendor": {
"name": "Mitel",
"scada": false
}
}
}
],
"affected_systems_content": "Les correctifs pour MiVoice MX-ONE version 7.3 et post\u00e9rieures sont disponibles \u00e0 la discr\u00e9tion de Mitel.",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-52914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52914"
},
{
"name": "CVE-2025-67822",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67822"
}
],
"initial_release_date": "2025-07-24T00:00:00",
"last_revision_date": "2026-01-28T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0618",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-24T00:00:00.000000"
},
{
"description": "Ajout R\u00e9f\u00e9rence CVE CVE-2025-67822",
"revision_date": "2026-01-28T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Mitel. Elles permettent \u00e0 un attaquant de provoquer une injection SQL (SQLi) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mitel",
"vendor_advisories": [
{
"published_at": "2025-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 Mitel 2025-0008",
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0008"
},
{
"published_at": "2025-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 Mitel 2025-0009",
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0009"
}
]
}
CERTFR-2024-AVI-0451
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans Mitel MiVoice MX-ONE. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mitel | MiVoice MX-ONE | MiVoice MX-ONE versions antérieures à 7.7 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "MiVoice MX-ONE versions ant\u00e9rieures \u00e0 7.7",
"product": {
"name": "MiVoice MX-ONE",
"vendor": {
"name": "Mitel",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-36446",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36446"
}
],
"initial_release_date": "2024-05-30T00:00:00",
"last_revision_date": "2024-05-30T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0451",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-05-30T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Mitel MiVoice MX-ONE. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Vuln\u00e9rabilit\u00e9 dans Mitel MiVoice MX-ONE",
"vendor_advisories": [
{
"published_at": "2024-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Mitel 24-0017",
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0017"
}
]
}