CVE-2021-3352

9.1 CRITICAL

📋 TL;DR

This vulnerability in Mitel MiContact Center Business allows unauthenticated attackers to view and modify user data without authorization due to improper token handling. It affects organizations using MiContact Center Business versions 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0.

💻 Affected Systems

Products:
  • Mitel MiContact Center Business
Versions: 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0
Operating Systems: Not specified in advisory
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the Software Development Kit component of MiContact Center Business installations.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of user data including sensitive customer information, configuration tampering, and potential lateral movement within the contact center environment.

🟠 Likely Case

Unauthorized access to user data, potential data theft or modification, and privacy violations.

🟢 If Mitigated

Limited impact with proper network segmentation and access controls, but still presents data exposure risk.

🌐 Internet-Facing: HIGH - Unauthenticated exploitation makes internet-facing instances particularly vulnerable to external attackers.
🏢 Internal Only: HIGH - Even internally deployed systems are vulnerable to any attacker with network access, because exploitation requires no authentication.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability requires no authentication and involves improper token handling, suggesting relatively straightforward exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 8.1.4.1 and 9.3.1.0

Vendor Advisory: https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0002

Restart Required: Yes

Instructions:

1. Download the latest patch from the Mitel support portal.
2. Apply the patch following Mitel's installation documentation.
3. Restart the MiContact Center Business services.
4. Verify the update was successful.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to MiContact Center Business systems to only trusted networks and required users.

Access Control Lists

all

Implement strict firewall rules to limit access to the vulnerable SDK endpoints.

🧯 If You Can't Patch

  • Isolate affected systems from the internet and untrusted networks
  • Implement strict network monitoring and anomaly detection for unauthorized access attempts

🔍 How to Verify

Check if Vulnerable:

Check MiContact Center Business version against affected ranges: 8.0.0.0-8.1.4.1 or 9.0.0.0-9.3.1.0

Check Version:

Check through MiContact Center Business administration interface or consult system documentation

Verify Fix Applied:

Verify that the installed version is higher than 8.1.4.1 (8.x branch) or 9.3.1.0 (9.x branch).
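
The version check above can be run across an inventory with the following script. It is an added example, not part of the vendor advisory or of any Mitel tooling: the affected ranges are the ones listed on this page, while the host names and the sample inventory are constructed. Versions are compared numerically per component, so a build such as 8.10.0.0 is not mistaken for one inside the 8.x affected range.

```python
# Added example: ranges come from this page; hosts and inventory are constructed.
import re

# Affected ranges (inclusive) per major branch, as listed on this page.
AFFECTED = {
    8: ((8, 0, 0, 0), (8, 1, 4, 1)),
    9: ((9, 0, 0, 0), (9, 3, 1, 0)),
}

def parse_version(text):
    """Parse a four-part dotted version such as '9.3.1.0' into a tuple of ints."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)\.(\d+)\s*", text)
    if not m:
        raise ValueError(f"not a four-part version: {text!r}")
    return tuple(int(p) for p in m.groups())

def classify(text):
    """Return 'vulnerable', 'fixed', 'not_listed' or 'unparseable'."""
    try:
        v = parse_version(text)
    except ValueError:
        return "unparseable"      # needs manual review, do not assume safe
    rng = AFFECTED.get(v[0])
    if rng is None:
        return "not_listed"       # branch outside the ranges given on this page
    low, high = rng
    if low <= v <= high:
        return "vulnerable"
    return "fixed" if v > high else "not_listed"

def audit(inventory):
    """Map each host to its classification; inventory is {host: version string}."""
    return {host: classify(ver) for host, ver in inventory.items()}

# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE = {
    "mccb-01": "9.3.1.0",    # upper bound of the 9.x range
    "mccb-02": "9.3.1.1",
    "mccb-03": "8.1.4.1",    # upper bound of the 8.x range
    "mccb-04": "8.10.0.0",   # string comparison would misplace this one
    "mccb-05": "7.1.3.0",
    "mccb-06": "9.3",        # truncated version string
}

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {SAMPLE[host]} -> {status}")
```

Hosts reported as unparseable or not_listed should be checked by hand rather than treated as unaffected.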

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to SDK endpoints
  • Unusual token-related activity
  • Access from unexpected IP addresses

Network Indicators:

  • Traffic to MiContact Center Business SDK endpoints from unauthorized sources
  • Unusual data transfer patterns

SIEM Query:

source_ip NOT IN (trusted_ips) AND destination_port IN (mccb_ports) AND protocol IN (http, https)
