Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-29499
The Service Appliance component in Mitel MiVoice Connect up to and including 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA.
Mitel Mivoice Connect
2 Articles
9
CVSSv2
CVE-2022-26143
The TP-240 (aka tp240dvr) component in Mitel MiCollab prior to 9.4 SP1 FP1 and MiVoice Business Express up to and including 8.1 allows remote malicious users to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). Th...
Mitel Micollab 9.4
Mitel Mivoice Business Express
Mitel Micollab
1 Article
4.3
CVSSv2
CVE-2021-32068
The AWV and MiCollab Client Service components in Mitel MiCollab prior to 9.3 could allow an malicious user to perform a Man-In-the-Middle attack by sending multiple session renegotiation requests, due to insufficient TLS session controls. A successful exploit could allow an mali...
Mitel Micollab
5.8
CVSSv2
CVE-2021-32070
The MiCollab Client Service component in Mitel MiCollab prior to 9.3 could allow an malicious user to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an malicious user to modify the browser header and redirect users.
Mitel Micollab
6.4
CVSSv2
CVE-2021-32067
The MiCollab Client Service component in Mitel MiCollab prior to 9.3 could allow an malicious user to view sensitive system information through an HTTP response due to insufficient output sanitization.
Mitel Micollab
5.8
CVSSv2
CVE-2021-32069
The AWV component of Mitel MiCollab prior to 9.3 could allow an malicious user to perform a Man-In-the-Middle attack due to improper TLS negotiation. A successful exploit could allow an malicious user to view and modify data.
Mitel Micollab
7.5
CVSSv2
CVE-2021-32071
The MiCollab Client service in Mitel MiCollab prior to 9.3 could allow an unauthenticated user to gain system access due to improper access control. A successful exploit could allow an malicious user to view and modify application data, and cause a denial of service for users.
Mitel Micollab
4.3
CVSSv2
CVE-2021-27401
The Join Meeting page of Mitel MiCollab Web Client prior to 9.2 FP2 could allow an malicious user to access (view and modify) user data by executing arbitrary code due to insufficient input validation, aka Cross-Site Scripting (XSS).
Mitel Micollab
Mitel Micollab 9.2
6.4
CVSSv2
CVE-2021-27402
The SAS Admin portal of Mitel MiCollab prior to 9.2 FP2 could allow an unauthenticated malicious user to access (view and modify) user data by injecting arbitrary directory paths due to improper URL validation, aka Directory Traversal.
Mitel Micollab
Mitel Micollab 9.2
4
CVSSv2
CVE-2021-32072
The MiCollab Client Service component in Mitel MiCollab prior to 9.3 could allow an malicious user to get source code information (disclosing sensitive application data) due to insufficient output sanitization. A successful exploit could allow an malicious user to view source cod...
Mitel Micollab
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »