Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
micollab vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-25608
The SAS portal of Mitel MiCollab prior to 9.2 could allow an malicious user to access user credentials due to improper input validation, aka SQL Injection.
Mitel Micollab
4.3
CVSSv2
CVE-2020-25611
The AWV portal of Mitel MiCollab prior to 9.2 could allow an malicious user to gain access to conference information by sending arbitrary code due to improper input validation, aka XSS. Successful exploitation could allow an malicious user to view user conference information.
Mitel Micollab
5.8
CVSSv2
CVE-2020-27340
The online help portal of Mitel MiCollab prior to 9.2 could allow an malicious user to redirect a user to an unauthorized website by executing malicious script due to insufficient access control.
Mitel Micollab
5
CVSSv2
CVE-2020-11797
An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV prior to 8.1.2.4 and 9.x prior to 9.1.3 could allow an unauthenticated malicious user to gain access to unauthorized information due to insufficient access validat...
Mitel Micollab Audio\\, Web \\& Video Conferencing
5.5
CVSSv2
CVE-2020-13863
The SAS portal of Mitel MiCollab prior to 9.1.3 could allow an malicious user to access user data by performing a header injection in HTTP responses, due to the improper handling of input parameters. A successful exploit could allow an malicious user to access user information.
Mitel Micollab
4.3
CVSSv2
CVE-2020-13767
The Mitel MiCollab application prior to 9.1.332 for iOS could allow an unauthorized user to access restricted files and folders due to insufficient access control. An exploit requires a rooted iOS device, and (if successful) could allow an malicious user to gain access to sensiti...
Mitel Micollab
5
CVSSv2
CVE-2020-11798
A Directory Traversal vulnerability in the web conference component of Mitel MiCollab AWV prior to 8.1.2.4 and 9.x prior to 9.1.3 could allow an malicious user to access arbitrary files from restricted directories of the server via a crafted URL, due to insufficient access valida...
Mitel Micollab Audio\\, Web \\& Video Conferencing
7.5
CVSSv2
CVE-2019-19608
A SQL injection vulnerability in in the web conferencing component of Mitel MiCollab AWV prior to 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the registeredList.cgi page. A successful exploit could allow an malicious user to extract sens...
Mitel Micollab Audio\\, Web \\& Video Conferencing
4.3
CVSSv2
CVE-2019-19370
A cross-site scripting (XSS) vulnerability in the web conferencing component of the Mitel MiCollab application prior to 9.0.15 for Android could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation in the ...
Mitel Micollab
4.3
CVSSv2
CVE-2019-19371
A cross-site scripting (XSS) vulnerability in the web conferencing component of Mitel MiCollab AWV prior to 8.1.2.2 could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation in the join meeting interface....
Mitel Micollab Audio\\, Web \\& Video Conferencing
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »