Mitel Forums - The Unofficial Source

Mitel Forums => Mitel MiVoice Business/MCD/3300 => Topic started by: lrjones198 on February 04, 2016, 02:24:54 PM

Title: vMCD "Unencrypted telnet server" vulnerability"
Post by: lrjones198 on February 04, 2016, 02:24:54 PM

We had an audit and the above was found. Does anyone know how I can either encrypt the connection, or disable telnet and those telnet features could use SSH instead?

This vulnerability shows up on of course port 23 but also 2001 and 15374.
Any help is appreciated.

Title: Re: vMCD "Unencrypted telnet server" vulnerability"
Post by: bluewhite4 on February 04, 2016, 05:31:54 PM

The simple answer is no. The 3300/MCD is not capable of ssh.

Title: Re: vMCD "Unencrypted telnet server" vulnerability"
Post by: lrjones198 on February 04, 2016, 05:43:18 PM

Is there a way to encrypt the telnet connection? I mean vxworks commands you can encrypt telnet for the 3300 but I am unable to find a technicians handbook for vMCD. Would anyone have access to a tech handbook for a vMCD?

Title: Re: vMCD "Unencrypted telnet server" vulnerability"
Post by: acejavelin on February 04, 2016, 09:55:37 PM

Even if they can be, these things should not be changed... and they should also not be a security concern since they should be opened in your firewall to the outside world.

Every unencrypted connection is not a security risk, this is not an information or file server, and these ports and connections are of very little consequence if your network is properly secured and you didn't do something foolish like put the MCD in the DMZ or something. Your security audit does not comprehend what these are and what they are for, just that they show up on a scan as "encrypted" and a potential threat, which they are not.