Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-12165
MiCollab 7.3 PR2 (7.3.0.204) and previous versions, 7.2 (7.2.2.13) and previous versions, and 7.1 (7.1.0.57) and previous versions and MiCollab AWV 6.3 (6.3.0.103), 6.2 (6.2.2.8), 6.1 (6.1.0.28), 6.0 (6.0.0.61), and 5.0 (5.0.5.7) have a Command Execution Vulnerability. Successful...
Mitel Micollab
Mitel Micollab Audio\\, Web \\& Video Conferencing
5.9
CVSSv3
CVE-2019-19891
An encryption key vulnerability on Mitel SIP-DECT wireless devices 8.0 and 8.1 could allow an malicious user to launch a man-in-the-middle attack. A successful exploit may allow the malicious user to intercept sensitive information.
Mitel Sip-dect Firmware 8.0
Mitel Sip-dect Firmware 8.1
6.1
CVSSv3
CVE-2020-12679
A reflected cross-site scripting (XSS) vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote malicious users to inject arbitrary JavaScript and HTML via the PATH_INFO to home.php.
Mitel Mivoice Connect
Mitel Shoretel Conference Web 19.50.1000.0
5.3
CVSSv3
CVE-2020-24595
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
1 Github repository
5.3
CVSSv3
CVE-2020-24592
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
7.2
CVSSv3
CVE-2020-24593
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow a remote malicious user to conduct a SQL Injection attack and access user credentials due to improper input validation.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
9.6
CVSSv3
CVE-2020-24594
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow an unauthenticated malicious user to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an malicious user to gain access to a user session.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
6.1
CVSSv3
CVE-2020-25611
The AWV portal of Mitel MiCollab prior to 9.2 could allow an malicious user to gain access to conference information by sending arbitrary code due to improper input validation, aka XSS. Successful exploitation could allow an malicious user to view user conference information.
Mitel Micollab
5.9
CVSSv3
CVE-2020-13767
The Mitel MiCollab application prior to 9.1.332 for iOS could allow an unauthorized user to access restricted files and folders due to insufficient access control. An exploit requires a rooted iOS device, and (if successful) could allow an malicious user to gain access to sensiti...
Mitel Micollab
8.8
CVSSv3
CVE-2022-36451
A vulnerability in the MiCollab Client server component of Mitel MiCollab up to and including 9.5.0.101 could allow an authenticated malicious user to conduct a Server-Side Request Forgery (SSRF) attack due to insufficient restriction of URL parameters. A successful exploit could...
Mitel Micollab
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »