Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel micollab vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2020-25612
The NuPoint Messenger of Mitel MiCollab prior to 9.2 could allow an attacker with escalated privilege to access user files due to insufficient access control. Successful exploit could potentially allow an malicious user to gain access to sensitive information.
Mitel Micollab
383
VMScore
CVE-2020-25606
The AWV component of Mitel MiCollab prior to 9.2 could allow an malicious user to view system information by sending arbitrary code due to improper input validation, aka XSS.
Mitel Micollab
383
VMScore
CVE-2020-25611
The AWV portal of Mitel MiCollab prior to 9.2 could allow an malicious user to gain access to conference information by sending arbitrary code due to improper input validation, aka XSS. Successful exploitation could allow an malicious user to view user conference information.
Mitel Micollab
490
VMScore
CVE-2020-13863
The SAS portal of Mitel MiCollab prior to 9.1.3 could allow an malicious user to access user data by performing a header injection in HTTP responses, due to the improper handling of input parameters. A successful exploit could allow an malicious user to access user information.
Mitel Micollab
356
VMScore
CVE-2021-32072
The MiCollab Client Service component in Mitel MiCollab prior to 9.3 could allow an malicious user to get source code information (disclosing sensitive application data) due to insufficient output sanitization. A successful exploit could allow an malicious user to view source cod...
Mitel Micollab
516
VMScore
CVE-2020-27340
The online help portal of Mitel MiCollab prior to 9.2 could allow an malicious user to redirect a user to an unauthorized website by executing malicious script due to insufficient access control.
Mitel Micollab
NA
CVE-2022-41326
The web conferencing component of Mitel MiCollab up to and including 9.6.0.13 could allow an unauthenticated malicious user to upload arbitrary scripts due to improper authorization controls. A successful exploit could allow remote code execution within the context of the applica...
Mitel Micollab
NA
CVE-2022-36451
A vulnerability in the MiCollab Client server component of Mitel MiCollab up to and including 9.5.0.101 could allow an authenticated malicious user to conduct a Server-Side Request Forgery (SSRF) attack due to insufficient restriction of URL parameters. A successful exploit could...
Mitel Micollab
668
VMScore
CVE-2019-19607
A SQL injection vulnerability in the web conferencing component of Mitel MiCollab AWV prior to 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the session parameter. A successful exploit could allow an malicious user to extract sensitive inf...
Mitel Micollab Audio\\, Web \\& Video Conferencing
445
VMScore
CVE-2020-11798
A Directory Traversal vulnerability in the web conference component of Mitel MiCollab AWV prior to 8.1.2.4 and 9.x prior to 9.1.3 could allow an malicious user to access arbitrary files from restricted directories of the server via a crafted URL, due to insufficient access valida...
Mitel Micollab Audio\\, Web \\& Video Conferencing
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »