Key Information Vulnerability Overview Vulnerability Name: OpenScape Xpressions Path Traversal Vulnerability Announcement ID: MISA-2025-0005 Release Date: 2025-05-21 Update Date: 2025-05-21 Version: 1.0 Affected Products and Solutions Vulnerability Severity Mitigation Workarounds Disable access to WebApi or stop the WebApi service to address this issue. However, this workaround will impact services and should only be used as a temporary measure until the highlighted fix is applied. Solution / Recommended Actions This issue has been resolved in OpenScape Xpressions version V7R1 FR5 HF45 P914 (WebApi-811FR5-20970 hotfix). Customers are advised to upgrade to this version or later. For detailed information on patches and temporary workarounds, refer to Mitel Knowledge Base article KB00011016: https://mitel.service-now.com/kb_view.do?sysparm_article=KB00011016 If you cannot access these links, contact your Mitel authorized partner for support. For further information, contact Mitel Product Support.