CVE-2023-22854 Information

Description

The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 through 9.4.1.0 could allow an unauthenticated attacker to download arbitrary files due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive information.

Reference

https://www.mitel.com/support/security-advisories https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0001