Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel micollab vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-27401
The Join Meeting page of Mitel MiCollab Web Client prior to 9.2 FP2 could allow an malicious user to access (view and modify) user data by executing arbitrary code due to insufficient input validation, aka Cross-Site Scripting (XSS).
Mitel Micollab
Mitel Micollab 9.2
6.5
CVSSv3
CVE-2021-27402
The SAS Admin portal of Mitel MiCollab prior to 9.2 FP2 could allow an unauthenticated malicious user to access (view and modify) user data by injecting arbitrary directory paths due to improper URL validation, aka Directory Traversal.
Mitel Micollab
Mitel Micollab 9.2
9.8
CVSSv3
CVE-2022-26143
The TP-240 (aka tp240dvr) component in Mitel MiCollab prior to 9.4 SP1 FP1 and MiVoice Business Express up to and including 8.1 allows remote malicious users to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). Th...
Mitel Micollab 9.4
Mitel Mivoice Business Express
Mitel Micollab
1 Article
9.8
CVSSv3
CVE-2019-12165
MiCollab 7.3 PR2 (7.3.0.204) and previous versions, 7.2 (7.2.2.13) and previous versions, and 7.1 (7.1.0.57) and previous versions and MiCollab AWV 6.3 (6.3.0.103), 6.2 (6.2.2.8), 6.1 (6.1.0.28), 6.0 (6.0.0.61), and 5.0 (5.0.5.7) have a Command Execution Vulnerability. Successful...
Mitel Micollab
Mitel Micollab Audio, Web & Video Conferencing
5.3
CVSSv3
CVE-2018-18819
A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 (7.3.0.601) and previous versions, and 8.0 (8.0.0.40) up to and including 8.0 SP2 FP2 (8.0.2.202), and MiVoice Business Express versions 7.3 PR3 (7.3.1.302) and previous versions, and 8.0 (8.0.0.40...
Mitel Mivoice Business Express
Mitel Micollab
9.8
CVSSv3
CVE-2022-36452
A vulnerability in the web conferencing component of Mitel MiCollab up to and including 9.5.0.101 could allow an unauthenticated malicious user to upload malicious files. A successful exploit could allow an malicious user to execute arbitrary code within the context of the applic...
Mitel Micollab
6.5
CVSSv3
CVE-2022-36454
A vulnerability in the MiCollab Client API of Mitel MiCollab up to and including 9.5.0.101 could allow an authenticated malicious user to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated malicious user to i...
Mitel Micollab
5.4
CVSSv3
CVE-2021-32070
The MiCollab Client Service component in Mitel MiCollab prior to 9.3 could allow an malicious user to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an malicious user to modify the browser header and redirect users.
Mitel Micollab
9.8
CVSSv3
CVE-2021-32071
The MiCollab Client service in Mitel MiCollab prior to 9.3 could allow an unauthenticated user to gain system access due to improper access control. A successful exploit could allow an malicious user to view and modify application data, and cause a denial of service for users.
Mitel Micollab
5.4
CVSSv3
CVE-2020-25609
The NuPoint Messenger Portal of Mitel MiCollab prior to 9.2 could allow an authenticated malicious user to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an malicious user to view and modify user data.
Mitel Micollab
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-38627
CVE-2022-45803
CVE-2024-38319
camera
template injection
CVE-2024-27801
CVE-2024-0762
CVE-2024-5791
unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »