Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel micontact center business vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-35283
A vulnerability in the Ignite component of Mitel MiContact Center Business up to and including 10.0.0.4 could allow an unauthenticated malicious user to conduct a stored cross-site scripting (XSS) attack due to insufficient input validation.
NA
CVE-2024-35284
A vulnerability in the legacy chat component of Mitel MiContact Center Business up to and including 10.0.0.4 could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation.
NA
CVE-2024-28069
A vulnerability in the legacy chat component of Mitel MiContact Center Business up to and including 10.0.0.4 could allow an unauthenticated malicious user to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an malicious user...
NA
CVE-2024-28070
A vulnerability in the legacy chat component of Mitel MiContact Center Business up to and including 10.0.0.4 could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation. A successful exploit could all...
NA
CVE-2023-22854
The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 up to and including 9.4.1.0 could allow an unauthenticated malicious user to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive in...
Mitel Micontact Center Business
570
VMScore
CVE-2021-3352
The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 up to and including 8.1.4.1 and 9.0.0.0 up to and including 9.3.1.0 could allow an unauthenticated malicious user to access (view and modify) user data without authorization due to improper handling of t...
Mitel Micontact Center Business
187
VMScore
CVE-2020-24693
The Ignite portal in Mitel MiContact Center Business prior to 9.3.0.0 could allow a local malicious user to view system information due to insufficient output sanitization.
Mitel Micontact Center Business
320
VMScore
CVE-2020-24692
The Ignite portal in Mitel MiContact Center Business prior to 9.3.0.0 could allow an malicious user to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an malicious user to gain access to a user session.
Mitel Micontact Center Business
356
VMScore
CVE-2020-9379
The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 up to and including 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. A successful exploit could allow unauthorized access to user conversations.
Mitel Micontact Center Business
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started