Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-27401
The Join Meeting page of Mitel MiCollab Web Client prior to 9.2 FP2 could allow an malicious user to access (view and modify) user data by executing arbitrary code due to insufficient input validation, aka Cross-Site Scripting (XSS).
Mitel Micollab
Mitel Micollab 9.2
6.4
CVSSv2
CVE-2021-27402
The SAS Admin portal of Mitel MiCollab prior to 9.2 FP2 could allow an unauthenticated malicious user to access (view and modify) user data by injecting arbitrary directory paths due to improper URL validation, aka Directory Traversal.
Mitel Micollab
Mitel Micollab 9.2
10
CVSSv2
CVE-2018-5782
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and previous versions, and Mitel ST 14.2, release GA28 and previous versions, could allow an unauthenticated malicious user to inject PHP code using specially crafted requests to the vsetho...
Mitel St14.2
Mitel Connect Onsite
1 Github repository
10
CVSSv2
CVE-2018-5779
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and previous versions, and Mitel ST 14.2, release GA28 and previous versions, could allow an unauthenticated malicious user to copy a malicious script into a newly generated PHP file and th...
Mitel St14.2
Mitel Connect Onsite
10
CVSSv2
CVE-2018-5780
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and previous versions, and Mitel ST 14.2, release GA28 and previous versions, could allow an unauthenticated malicious user to inject PHP code using specially crafted requests to the vnewme...
Mitel St14.2
Mitel Connect Onsite
10
CVSSv2
CVE-2018-5781
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and previous versions, and Mitel ST 14.2, release GA28 and previous versions, could allow an unauthenticated malicious user to inject PHP code using specially crafted requests to the vendre...
Mitel Connect Onsite
Mitel St14.2
5
CVSSv2
CVE-2018-18819
A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 (7.3.0.601) and previous versions, and 8.0 (8.0.0.40) up to and including 8.0 SP2 FP2 (8.0.2.202), and MiVoice Business Express versions 7.3 PR3 (7.3.1.302) and previous versions, and 8.0 (8.0.0.40...
Mitel Micollab
Mitel Mivoice Business Express
4.3
CVSSv2
CVE-2018-9101
A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 (21.84.5535.0) and previous versions, and Mitel ST 14.2, versions GA27 (19.49.5200.0) and previous versions, could allow an unauthenticated malicious user to conduct a reflected cross-...
Mitel Mivoice Connect
Mitel St 14.2
4.3
CVSSv2
CVE-2018-9102
A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 (21.84.5535.0) and previous versions, and Mitel ST 14.2, versions GA27 (19.49.5200.0) and previous versions, could allow an unauthenticated malicious user to conduct an SQL injection a...
Mitel St 14.2
Mitel Mivoice Connect
4.3
CVSSv2
CVE-2018-9104
A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 (21.84.5535.0) and previous versions, and Mitel ST 14.2, versions GA27 (19.49.5200.0) and previous versions, could allow an unauthenticated malicious user to conduct a reflected cross-...
Mitel St 14.2
Mitel Mivoice Connect
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »