Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-31458
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and previous versions could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial installation does not...
Mitel Mivoice Connect
NA
CVE-2023-25599
A vulnerability in the conferencing component of Mitel MiVoice Connect up to and including 19.3 SP2, 22.24.1500.0 could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the test_presenter.php page....
Mitel Mivoice Connect
Mitel Mivoice Connect 19.3
NA
CVE-2023-31457
A vulnerability in the Headquarters server component of Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and previous versions could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.
Mitel Mivoice Connect
NA
CVE-2023-31459
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6.2208.101 and previous versions could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because the initial installation does...
Mitel Mivoice Connect
NA
CVE-2023-31460
A vulnerability in the Connect Mobility Router component of MiVoice Connect versions 9.6.2208.101 and previous versions could allow an authenticated attacker with internal network access to conduct a command injection attack due to insufficient restriction on URL parameters.
Mitel Mivoice Connect
NA
CVE-2023-25598
A vulnerability in the conferencing component of Mitel MiVoice Connect up to and including 19.3 SP2 and 20.x, 21.x, and 22.x up to and including 22.24.1500.0 could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack due to insufficient...
Mitel Mivoice Connect
NA
CVE-2023-25597
A vulnerability in the web conferencing component of Mitel MiCollab up to and including 9.6.2.9 could allow an unauthenticated malicious user to download a shared file via a crafted request - including the exact path and filename - due to improper authentication control. A succes...
Mitel Micollab
NA
CVE-2023-22854
The ccmweb component of Mitel MiContact Center Business server 9.2.2.0 up to and including 9.4.1.0 could allow an unauthenticated malicious user to download arbitrary files, due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive in...
Mitel Micontact Center Business
NA
CVE-2022-41223
The Director database component of MiVoice Connect up to and including 19.3 (22.22.6100.0) could allow an authenticated malicious user to conduct a code-injection attack via crafted data due to insufficient restrictions on the database data type.
Mitel Mivoice Connect
Mitel Mivoice Connect 19.3
NA
CVE-2022-41326
The web conferencing component of Mitel MiCollab up to and including 9.6.0.13 could allow an unauthenticated malicious user to upload arbitrary scripts due to improper authorization controls. A successful exploit could allow remote code execution within the context of the applica...
Mitel Micollab
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »