Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
micollab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-36451
A vulnerability in the MiCollab Client server component of Mitel MiCollab up to and including 9.5.0.101 could allow an authenticated malicious user to conduct a Server-Side Request Forgery (SSRF) attack due to insufficient restriction of URL parameters. A successful exploit could...
Mitel Micollab
4.3
CVSSv2
CVE-2020-25606
The AWV component of Mitel MiCollab prior to 9.2 could allow an malicious user to view system information by sending arbitrary code due to improper input validation, aka XSS.
Mitel Micollab
6.5
CVSSv2
CVE-2020-25608
The SAS portal of Mitel MiCollab prior to 9.2 could allow an malicious user to access user credentials due to improper input validation, aka SQL Injection.
Mitel Micollab
6.4
CVSSv2
CVE-2021-32067
The MiCollab Client Service component in Mitel MiCollab prior to 9.3 could allow an malicious user to view sensitive system information through an HTTP response due to insufficient output sanitization.
Mitel Micollab
5.8
CVSSv2
CVE-2021-32070
The MiCollab Client Service component in Mitel MiCollab prior to 9.3 could allow an malicious user to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an malicious user to modify the browser header and redirect users.
Mitel Micollab
4
CVSSv2
CVE-2021-32072
The MiCollab Client Service component in Mitel MiCollab prior to 9.3 could allow an malicious user to get source code information (disclosing sensitive application data) due to insufficient output sanitization. A successful exploit could allow an malicious user to view source cod...
Mitel Micollab
5.8
CVSSv2
CVE-2021-32069
The AWV component of Mitel MiCollab prior to 9.3 could allow an malicious user to perform a Man-In-the-Middle attack due to improper TLS negotiation. A successful exploit could allow an malicious user to view and modify data.
Mitel Micollab
7.5
CVSSv2
CVE-2019-19607
A SQL injection vulnerability in the web conferencing component of Mitel MiCollab AWV prior to 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the session parameter. A successful exploit could allow an malicious user to extract sensitive inf...
Mitel Micollab Audio\\, Web \\& Video Conferencing
5
CVSSv2
CVE-2018-18819
A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 (7.3.0.601) and previous versions, and 8.0 (8.0.0.40) up to and including 8.0 SP2 FP2 (8.0.2.202), and MiVoice Business Express versions 7.3 PR3 (7.3.1.302) and previous versions, and 8.0 (8.0.0.40...
Mitel Micollab
Mitel Mivoice Business Express
5
CVSSv2
CVE-2020-11797
An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV prior to 8.1.2.4 and 9.x prior to 9.1.3 could allow an unauthenticated malicious user to gain access to unauthorized information due to insufficient access validat...
Mitel Micollab Audio\\, Web \\& Video Conferencing
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »