Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-32071
The MiCollab Client service in Mitel MiCollab prior to 9.3 could allow an unauthenticated user to gain system access due to improper access control. A successful exploit could allow an malicious user to view and modify application data, and cause a denial of service for users.
Mitel Micollab
4.3
CVSSv2
CVE-2020-13767
The Mitel MiCollab application prior to 9.1.332 for iOS could allow an unauthorized user to access restricted files and folders due to insufficient access control. An exploit requires a rooted iOS device, and (if successful) could allow an malicious user to gain access to sensiti...
Mitel Micollab
5
CVSSv2
CVE-2017-16250
A vulnerability in Mitel ST 14.2, release GA28 and previous versions, could allow an malicious user to use the API function to enumerate through user-ids which could be used to identify valid user ids and associated user names.
Mitel St14.2
NA
CVE-2022-36451
A vulnerability in the MiCollab Client server component of Mitel MiCollab up to and including 9.5.0.101 could allow an authenticated malicious user to conduct a Server-Side Request Forgery (SSRF) attack due to insufficient restriction of URL parameters. A successful exploit could...
Mitel Micollab
NA
CVE-2022-36452
A vulnerability in the web conferencing component of Mitel MiCollab up to and including 9.5.0.101 could allow an unauthenticated malicious user to upload malicious files. A successful exploit could allow an malicious user to execute arbitrary code within the context of the applic...
Mitel Micollab
NA
CVE-2022-36453
A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 up to and including 9.5.0.101 could allow an authenticated malicious user to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated malicious use...
Mitel Micollab
NA
CVE-2022-36454
A vulnerability in the MiCollab Client API of Mitel MiCollab up to and including 9.5.0.101 could allow an authenticated malicious user to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated malicious user to i...
Mitel Micollab
4
CVSSv2
CVE-2021-32072
The MiCollab Client Service component in Mitel MiCollab prior to 9.3 could allow an malicious user to get source code information (disclosing sensitive application data) due to insufficient output sanitization. A successful exploit could allow an malicious user to view source cod...
Mitel Micollab
5.5
CVSSv2
CVE-2020-13863
The SAS portal of Mitel MiCollab prior to 9.1.3 could allow an malicious user to access user data by performing a header injection in HTTP responses, due to the improper handling of input parameters. A successful exploit could allow an malicious user to access user information.
Mitel Micollab
NA
CVE-2023-25597
A vulnerability in the web conferencing component of Mitel MiCollab up to and including 9.6.2.9 could allow an unauthenticated malicious user to download a shared file via a crafted request - including the exact path and filename - due to improper authentication control. A succes...
Mitel Micollab
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »