Mitel CCMWeb OpenRedirect

Advisory Information

Title: Mitel CCMWeb OpenRedirect

Date Published: 

Advisory Summary

The application accepts user input and then on completion of an additional task redirects the user to an external link.



Affected Software

Product Version
MiCC (CcmWeb 7.x and earlier

Description of Issue

A Open Redirect vulnerability was discovered in the MiContact Center version 7.1. This vulnerability was found in the login component of CCMWeb and could be exploited by modifying the ‘redirecturl’ parameter to point to an attacker controlled site. This vulnerability could be used as part of a phishing attack as the domain element will be familiar to the client building trust in the URL. As the site redirection does not happen until the user has authenticated to the site it may be possible to set up credential theft scenarios by cloning the CCMWeb login page.


The following proof of concept redirect the user to after a successful login. This is only a proof of concept and through obfuscation or tiny URL technologies the Google URL could be changed to something miscellaneous.


Reported – 26th January 2015

Accepted – 31st March 2015

Advisory Published – 4th October 2015