CVE-2023-39290
Description
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Mitel MiVoice Connect Edge Gateway improper configuration allows authenticated attackers with elevated privileges to disclose system information.
Vulnerability
The Edge Gateway component in Mitel MiVoice Connect versions 19.3 SP3 (22.24.5800.0) and earlier suffers from an improper configuration vulnerability [2]. This flaw allows an authenticated attacker with elevated privileges to access system information that should be restricted.
Exploitation
An attacker must first obtain authenticated access to the affected system with elevated privileges. No additional user interaction is required. The attacker can then leverage the improper configuration to query system information from the Edge Gateway component [2].
Impact
Successful exploitation results in information disclosure, allowing the attacker to view sensitive system information [2]. The confidentiality of the system is compromised, but there is no indication of integrity or availability impact.
Mitigation
Mitel has released updated software to address this vulnerability. Customers are advised to update their MiVoice Connect installations to the latest available version [2]. No workarounds are documented in the advisory.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Mitel/MiVoice Connectdescription
- Range: <= R19.3 SP3 (22.24.5800.0)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.