15-0013-003

Security Bulletin for Mitel Alarm Server
SECURITY BULLETIN ID: 15-0013-003
RELEASE VERSION: 1.0
DATE: 2016-02-01
SECURITY BULLETIN 15-0013-003 V1.0
OVERVIEW
This security bulletin provides product-specific details on the vulnerability described in Mitel Security Advisory 15-0013.
Visit http://www.mitel.com/security-advisories for more details.
Multiple vulnerabilities have been identified in specific versions of Oracle Java. The reported issues have varied levels
of risk, where some of which were rated as high. Details for some issues are undisclosed by the vendor.
As a precautionary measure, Mitel is updating products to use unaffected versions of Java. The corresponding CVEs
are identified in this Security Bulletin; customers are advised to consult these CVEs and vendor references for
technical details.
APPLICABLE PRODUCTS
This security bulletin provides information on the following products:
PRODUCT NAME
VERSION(S) AFFECTED
SOLUTION(S) AVAILABLE
Mitel Alarm Server
3.0
3.0 HF3
RISK / EXPOSURE
The following CVE is potentially applicable to Mitel Alarm Server:
CVE-2015-4843
Due to the limited information, Mitel’s ability to confirm applicablitiy and resolution is limited, and is therefore relying on
the vendor’s assertion.
Please consult the CVEs for additional details about the risk associated with this vulnerability.
MITIGATION / WORKAROUNDS
No workarounds are available
Mitigation is avaiable through update to Alarm Server 3.0 HF3
PATCH INFORMATION
A new release of Mitel Alarm Server is available, which allows the customer to update the JDK. Customers are
advised to update to Mitel Alarm Server 3.0 HF1 and update the JDK used by the Alarm Server. Instructions for the
updates are provided in the release notes of Mitel Alarm Server 3.0 HF1.
© Copyright 2016, Mitel Networks Corporation. All Rights Reserved.
The Mitel word and logo are trademarks of Mitel Networks Corporation.
Any reference to third party trademarks are for reference only and Mitel makes no representation of the ownership of
these marks.
Similar pages