Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel micollab vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2020-13863
The SAS portal of Mitel MiCollab prior to 9.1.3 could allow an malicious user to access user data by performing a header injection in HTTP responses, due to the improper handling of input parameters. A successful exploit could allow an malicious user to access user information.
Mitel Micollab
7.5
CVSSv3
CVE-2020-11797
An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV prior to 8.1.2.4 and 9.x prior to 9.1.3 could allow an unauthenticated malicious user to gain access to unauthorized information due to insufficient access validat...
Mitel Micollab Audio\\, Web \\& Video Conferencing
7.5
CVSSv3
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 prior to 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote malicious users to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrat...
Openssl Openssl
Filezilla-project Filezilla Server
Siemens Application Processing Engine Firmware 2.0
Siemens Cp 1543-1 Firmware 1.1
Siemens Simatic S7-1500 Firmware 1.5
Siemens Simatic S7-1500t Firmware 1.5
Siemens Elan-8.2
Siemens Wincc Open Architecture 3.12
Intellian V100 Firmware 1.20
Intellian V100 Firmware 1.21
Intellian V100 Firmware 1.24
Intellian V60 Firmware 1.15
Intellian V60 Firmware 1.25
Mitel Micollab 6.0
Mitel Micollab 7.0
Mitel Micollab 7.1
Mitel Micollab 7.2
Mitel Micollab 7.3.0.104
Mitel Micollab 7.3
Mitel Mivoice 1.1.3.3
Mitel Mivoice 1.2.0.11
Mitel Mivoice 1.3.2.2
4 EDB exploits
2 Nmap scripts
307 Github repositories
4 Articles
7.2
CVSSv3
CVE-2020-25608
The SAS portal of Mitel MiCollab prior to 9.2 could allow an malicious user to access user credentials due to improper input validation, aka SQL Injection.
Mitel Micollab
6.5
CVSSv3
CVE-2022-36454
A vulnerability in the MiCollab Client API of Mitel MiCollab up to and including 9.5.0.101 could allow an authenticated malicious user to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated malicious user to i...
Mitel Micollab
6.5
CVSSv3
CVE-2021-32072
The MiCollab Client Service component in Mitel MiCollab prior to 9.3 could allow an malicious user to get source code information (disclosing sensitive application data) due to insufficient output sanitization. A successful exploit could allow an malicious user to view source cod...
Mitel Micollab
6.5
CVSSv3
CVE-2021-27402
The SAS Admin portal of Mitel MiCollab prior to 9.2 FP2 could allow an unauthenticated malicious user to access (view and modify) user data by injecting arbitrary directory paths due to improper URL validation, aka Directory Traversal.
Mitel Micollab
Mitel Micollab 9.2
6.5
CVSSv3
CVE-2021-32067
The MiCollab Client Service component in Mitel MiCollab prior to 9.3 could allow an malicious user to view sensitive system information through an HTTP response due to insufficient output sanitization.
Mitel Micollab
6.1
CVSSv3
CVE-2021-27401
The Join Meeting page of Mitel MiCollab Web Client prior to 9.2 FP2 could allow an malicious user to access (view and modify) user data by executing arbitrary code due to insufficient input validation, aka Cross-Site Scripting (XSS).
Mitel Micollab
Mitel Micollab 9.2
6.1
CVSSv3
CVE-2020-25606
The AWV component of Mitel MiCollab prior to 9.2 could allow an malicious user to view system information by sending arbitrary code due to improper input validation, aka XSS.
Mitel Micollab
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »