Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-26714
The Enterprise License Manager portal in Mitel MiContact Center Enterprise prior to 9.4 could allow a user to access restricted files and folders due to insufficient access control. A successful exploit could allow an malicious user to view and modify application data via Directo...
Mitel Micontact Center Enterprise
1 Github repository
6.4
CVSSv2
CVE-2020-35547
A library index page in NuPoint Messenger in Mitel MiCollab prior to 9.2 FP1 could allow an unauthenticated malicious user to gain access (view and modify) to user data.
Mitel Micollab
6
CVSSv2
CVE-2021-3176
The chat window of the Mitel BusinessCTI Enterprise (MBC-E) Client for Windows prior to 6.4.15 and 7.x prior to 7.1.2 could allow an malicious user to gain access to user information by sending certain code, due to improper input validation of http links. A successful exploit cou...
Mitel Businesscti Enterprise
5.8
CVSSv2
CVE-2020-27340
The online help portal of Mitel MiCollab prior to 9.2 could allow an malicious user to redirect a user to an unauthorized website by executing malicious script due to insufficient access control.
Mitel Micollab
4.8
CVSSv2
CVE-2020-27639
The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940 SIP phones with firmware prior to 5.1.0.SP6 could allow an unauthenticated attacker within Bluetooth range to pair a rogue Bluetooth device when a phone handset loses connection, due to an improper pairing mechanism. A ...
Mitel 6873i Sip Firmware
Mitel 6873i Sip Firmware 5.1.0
Mitel 6930 Sip Firmware
Mitel 6930 Sip Firmware 5.1.0
Mitel 6940 Sip Firmware
Mitel 6940 Sip Firmware 5.1.0
6.5
CVSSv2
CVE-2020-27154
The chat window of Mitel BusinessCTI Enterprise (MBC-E) Client for Windows prior to 6.4.11 and 7.x prior to 7.0.3 could allow an malicious user to gain access to user information by sending arbitrary code, due to improper input validation. A successful exploit could allow an mali...
Mitel Businesscti Enterprise
4.3
CVSSv2
CVE-2020-25611
The AWV portal of Mitel MiCollab prior to 9.2 could allow an malicious user to gain access to conference information by sending arbitrary code due to improper input validation, aka XSS. Successful exploitation could allow an malicious user to view user conference information.
Mitel Micollab
2.1
CVSSv2
CVE-2020-24693
The Ignite portal in Mitel MiContact Center Business prior to 9.3.0.0 could allow a local malicious user to view system information due to insufficient output sanitization.
Mitel Micontact Center Business
4.8
CVSSv2
CVE-2020-27640
The Bluetooth handset of Mitel MiVoice 6940 and 6930 MiNet phones with firmware prior to 1.5.3 could allow an unauthenticated attacker within Bluetooth range to pair a rogue Bluetooth device when a phone handset loses connection, due to an improper pairing mechanism. A successful...
Mitel Mivoice 6940 Firmware
Mitel Mivoice 6930 Firmware
4.3
CVSSv2
CVE-2020-25606
The AWV component of Mitel MiCollab prior to 9.2 could allow an malicious user to view system information by sending arbitrary code due to improper input validation, aka XSS.
Mitel Micollab
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »