Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
320
VMScore
CVE-2020-24692
The Ignite portal in Mitel MiContact Center Business prior to 9.3.0.0 could allow an malicious user to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an malicious user to gain access to a user session.
Mitel Micontact Center Business
NA
CVE-2023-39286
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect up to and including 9.6.2304.102 could allow an unauthenticated malicious user to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. A successful exploit coul...
Mitel Connect Mobility Router
NA
CVE-2023-22854
The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 up to and including 9.4.1.0 could allow an unauthenticated malicious user to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive in...
Mitel Micontact Center Business
258
VMScore
CVE-2016-6562
On iOS and Android devices, the ShoreTel Mobility Client app version 9.1.3.109 fails to properly validate SSL certificates provided by HTTPS connections, which means that an attacker in the position to perform MITM attacks may be able to obtain sensitive account information such ...
Mitel Shortel Mobility Client 9.1.3.109
NA
CVE-2023-40265
An issue exists in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows authenticated remote code execution via file upload.
Mitel Unify Openscape Xpressions Webassistant
NA
CVE-2023-40266
An issue exists in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows path traversal.
Mitel Unify Openscape Xpressions Webassistant
383
VMScore
CVE-2018-16226
A vulnerability in the web admin component of Mitel MiVoice Office 400, versions R5.0 HF3 (v8839a1) and previous versions, could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack, due to insufficient validation for the start.asp page...
Mitel Mivoice Office 400 R5.0
668
VMScore
CVE-2019-19607
A SQL injection vulnerability in the web conferencing component of Mitel MiCollab AWV prior to 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the session parameter. A successful exploit could allow an malicious user to extract sensitive inf...
Mitel Micollab Audio\\, Web \\& Video Conferencing
668
VMScore
CVE-2019-19608
A SQL injection vulnerability in in the web conferencing component of Mitel MiCollab AWV prior to 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the registeredList.cgi page. A successful exploit could allow an malicious user to extract sens...
Mitel Micollab Audio\\, Web \\& Video Conferencing
445
VMScore
CVE-2020-11798
A Directory Traversal vulnerability in the web conference component of Mitel MiCollab AWV prior to 8.1.2.4 and 9.x prior to 9.1.3 could allow an malicious user to access arbitrary files from restricted directories of the server via a crafted URL, due to insufficient access valida...
Mitel Micollab Audio\\, Web \\& Video Conferencing
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »