Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
320
VMScore
CVE-2020-24692
The Ignite portal in Mitel MiContact Center Business prior to 9.3.0.0 could allow an malicious user to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an malicious user to gain access to a user session.
Mitel Micontact Center Business
356
VMScore
CVE-2020-9379
The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 up to and including 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. A successful exploit could allow unauthorized access to user conversations.
Mitel Micontact Center Business
570
VMScore
CVE-2021-3352
The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 up to and including 8.1.4.1 and 9.0.0.0 up to and including 9.3.1.0 could allow an unauthenticated malicious user to access (view and modify) user data without authorization due to improper handling of t...
Mitel Micontact Center Business
NA
CVE-2023-40265
An issue exists in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows authenticated remote code execution via file upload.
Mitel Unify Openscape Xpressions Webassistant
NA
CVE-2023-40266
An issue exists in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows path traversal.
Mitel Unify Openscape Xpressions Webassistant
383
VMScore
CVE-2018-16226
A vulnerability in the web admin component of Mitel MiVoice Office 400, versions R5.0 HF3 (v8839a1) and previous versions, could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack, due to insufficient validation for the start.asp page...
Mitel Mivoice Office 400 R5.0
258
VMScore
CVE-2016-6562
On iOS and Android devices, the ShoreTel Mobility Client app version 9.1.3.109 fails to properly validate SSL certificates provided by HTTPS connections, which means that an attacker in the position to perform MITM attacks may be able to obtain sensitive account information such ...
Mitel Shortel Mobility Client 9.1.3.109
445
VMScore
CVE-2020-11797
An Authentication Bypass vulnerability in the Published Area of the web conferencing component of Mitel MiCollab AWV prior to 8.1.2.4 and 9.x prior to 9.1.3 could allow an unauthenticated malicious user to gain access to unauthorized information due to insufficient access validat...
Mitel Micollab Audio\\, Web \\& Video Conferencing
383
VMScore
CVE-2019-19371
A cross-site scripting (XSS) vulnerability in the web conferencing component of Mitel MiCollab AWV prior to 8.1.2.2 could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation in the join meeting interface....
Mitel Micollab Audio\\, Web \\& Video Conferencing
668
VMScore
CVE-2019-19607
A SQL injection vulnerability in the web conferencing component of Mitel MiCollab AWV prior to 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the session parameter. A successful exploit could allow an malicious user to extract sensitive inf...
Mitel Micollab Audio\\, Web \\& Video Conferencing
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »