Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-25599
A vulnerability in the conferencing component of Mitel MiVoice Connect up to and including 19.3 SP2, 22.24.1500.0 could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the test_presenter.php page....
Mitel Mivoice Connect
Mitel Mivoice Connect 19.3
NA
CVE-2023-31458
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and previous versions could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial installation does not...
Mitel Mivoice Connect
NA
CVE-2023-31457
A vulnerability in the Headquarters server component of Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and previous versions could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.
Mitel Mivoice Connect
NA
CVE-2023-31459
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6.2208.101 and previous versions could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because the initial installation does...
Mitel Mivoice Connect
NA
CVE-2023-31460
A vulnerability in the Connect Mobility Router component of MiVoice Connect versions 9.6.2208.101 and previous versions could allow an authenticated attacker with internal network access to conduct a command injection attack due to insufficient restriction on URL parameters.
Mitel Mivoice Connect
NA
CVE-2023-25598
A vulnerability in the conferencing component of Mitel MiVoice Connect up to and including 19.3 SP2 and 20.x, 21.x, and 22.x up to and including 22.24.1500.0 could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack due to insufficient...
Mitel Mivoice Connect
NA
CVE-2023-25597
A vulnerability in the web conferencing component of Mitel MiCollab up to and including 9.6.2.9 could allow an unauthenticated malicious user to download a shared file via a crafted request - including the exact path and filename - due to improper authentication control. A succes...
Mitel Micollab
NA
CVE-2023-22854
The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 up to and including 9.4.1.0 could allow an unauthenticated malicious user to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive in...
Mitel Micontact Center Business
NA
CVE-2022-40765
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect up to and including 19.3 (22.22.6100.0) could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters.
Mitel Mivoice Connect
Mitel Mivoice Connect 19.3
NA
CVE-2022-41223
The Director database component of MiVoice Connect up to and including 19.3 (22.22.6100.0) could allow an authenticated malicious user to conduct a code-injection attack via crafted data due to insufficient restrictions on the database data type.
Mitel Mivoice Connect
Mitel Mivoice Connect 19.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »