Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2019-12165
MiCollab 7.3 PR2 (7.3.0.204) and previous versions, 7.2 (7.2.2.13) and previous versions, and 7.1 (7.1.0.57) and previous versions and MiCollab AWV 6.3 (6.3.0.103), 6.2 (6.2.2.8), 6.1 (6.1.0.28), 6.0 (6.0.0.61), and 5.0 (5.0.5.7) have a Command Execution Vulnerability. Successful...
Mitel Micollab
Mitel Micollab Audio\\, Web \\& Video Conferencing
383
VMScore
CVE-2020-12679
A reflected cross-site scripting (XSS) vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote malicious users to inject arbitrary JavaScript and HTML via the PATH_INFO to home.php.
Mitel Mivoice Connect
Mitel Shoretel Conference Web 19.50.1000.0
383
VMScore
CVE-2019-19891
An encryption key vulnerability on Mitel SIP-DECT wireless devices 8.0 and 8.1 could allow an malicious user to launch a man-in-the-middle attack. A successful exploit may allow the malicious user to intercept sensitive information.
Mitel Sip-dect Firmware 8.0
Mitel Sip-dect Firmware 8.1
445
VMScore
CVE-2020-24592
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
605
VMScore
CVE-2020-24594
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow an unauthenticated malicious user to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an malicious user to gain access to a user session.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
578
VMScore
CVE-2020-24593
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow a remote malicious user to conduct a SQL Injection attack and access user credentials due to improper input validation.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
445
VMScore
CVE-2020-24595
Mitel MiCloud Management Portal prior to 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control.
Mitel Micloud Management Portal
Mitel Micloud Management Portal 6.1
1 Github repository
578
VMScore
CVE-2020-25608
The SAS portal of Mitel MiCollab prior to 9.2 could allow an malicious user to access user credentials due to improper input validation, aka SQL Injection.
Mitel Micollab
641
VMScore
CVE-2022-29854
A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and previous versions, could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during syst...
Mitel Minet Firmware
383
VMScore
CVE-2019-19370
A cross-site scripting (XSS) vulnerability in the web conferencing component of the Mitel MiCollab application prior to 9.0.15 for Android could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation in the ...
Mitel Micollab
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »