Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-19891
An encryption key vulnerability on Mitel SIP-DECT wireless devices 8.0 and 8.1 could allow an malicious user to launch a man-in-the-middle attack. A successful exploit may allow the malicious user to intercept sensitive information.
Mitel Sip-dect Firmware 8.0
Mitel Sip-dect Firmware 8.1
890
VMScore
CVE-2019-12165
MiCollab 7.3 PR2 (7.3.0.204) and previous versions, 7.2 (7.2.2.13) and previous versions, and 7.1 (7.1.0.57) and previous versions and MiCollab AWV 6.3 (6.3.0.103), 6.2 (6.2.2.8), 6.1 (6.1.0.28), 6.0 (6.0.0.61), and 5.0 (5.0.5.7) have a Command Execution Vulnerability. Successful...
Mitel Micollab
Mitel Micollab Audio\\, Web \\& Video Conferencing
383
VMScore
CVE-2020-12679
A reflected cross-site scripting (XSS) vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote malicious users to inject arbitrary JavaScript and HTML via the PATH_INFO to home.php.
Mitel Mivoice Connect
Mitel Shoretel Conference Web 19.50.1000.0
445
VMScore
CVE-2020-24595
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
1 Github repository
445
VMScore
CVE-2020-24592
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
605
VMScore
CVE-2020-24594
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow an unauthenticated malicious user to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an malicious user to gain access to a user session.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
578
VMScore
CVE-2020-24593
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow a remote malicious user to conduct a SQL Injection attack and access user credentials due to improper input validation.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
383
VMScore
CVE-2021-32068
The AWV and MiCollab Client Service components in Mitel MiCollab prior to 9.3 could allow an malicious user to perform a Man-In-the-Middle attack by sending multiple session renegotiation requests, due to insufficient TLS session controls. A successful exploit could allow an mali...
Mitel Micollab
668
VMScore
CVE-2021-32071
The MiCollab Client service in Mitel MiCollab prior to 9.3 could allow an unauthenticated user to gain system access due to improper access control. A successful exploit could allow an malicious user to view and modify application data, and cause a denial of service for users.
Mitel Micollab
NA
CVE-2023-25597
A vulnerability in the web conferencing component of Mitel MiCollab up to and including 9.6.2.9 could allow an unauthenticated malicious user to download a shared file via a crafted request - including the exact path and filename - due to improper authentication control. A succes...
Mitel Micollab
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »