Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-25606
The AWV component of Mitel MiCollab prior to 9.2 could allow an malicious user to view system information by sending arbitrary code due to improper input validation, aka XSS.
Mitel Micollab
6.5
CVSSv2
CVE-2020-25608
The SAS portal of Mitel MiCollab prior to 9.2 could allow an malicious user to access user credentials due to improper input validation, aka SQL Injection.
Mitel Micollab
5
CVSSv2
CVE-2020-25610
The AWV component of Mitel MiCollab prior to 9.2 could allow an malicious user to gain access to a web conference due to insufficient access control for conference codes.
Mitel Micollab
4.3
CVSSv2
CVE-2020-25611
The AWV portal of Mitel MiCollab prior to 9.2 could allow an malicious user to gain access to conference information by sending arbitrary code due to improper input validation, aka XSS. Successful exploitation could allow an malicious user to view user conference information.
Mitel Micollab
4
CVSSv2
CVE-2020-25612
The NuPoint Messenger of Mitel MiCollab prior to 9.2 could allow an attacker with escalated privilege to access user files due to insufficient access control. Successful exploit could potentially allow an malicious user to gain access to sensitive information.
Mitel Micollab
4.3
CVSSv2
CVE-2020-28351
The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack (via the PATH_INFO to index.php) due to insufficient validation for the time_zone object in the HOME_MEETING&am...
Mitel Shoretel Firmware 19.46.1802.0
1 Github repository
NA
CVE-2023-39285
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect up to and including 19.3 SP3 (22.24.5800.0) could allow an unauthenticated malicious user to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. A successful exploit coul...
Mitel Mivoice Connect
NA
CVE-2023-39287
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect up to and including 19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sani...
Mitel Mivoice Connect
NA
CVE-2023-39288
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect up to and including 9.6.2304.102 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sani...
Mitel Mivoice Connect
NA
CVE-2023-39289
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect up to and including 9.6.2208.101 could allow an unauthenticated malicious user to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an malicious u...
Mitel Mivoice Connect
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »