Mitel

Mivoice Connect

25 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2023-39285

  • EPSS 0.11%
  • Veröffentlicht 14.09.2023 19:16:50
  • Zuletzt bearbeitet 21.11.2024 08:15:04

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 (22.24.5800.0) could allow an unauthenticated attacker to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. A successful ...

4.9

CVE-2023-39291

  • EPSS 0.12%
  • Veröffentlicht 25.08.2023 22:15:11
  • Zuletzt bearbeitet 21.11.2024 08:15:05

A vulnerability in the Connect Mobility Router component of MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful ex...

4.9

CVE-2023-39290

  • EPSS 0.12%
  • Veröffentlicht 25.08.2023 22:15:11
  • Zuletzt bearbeitet 21.11.2024 08:15:04

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A succes...

7.5

CVE-2023-39289

  • EPSS 0.25%
  • Veröffentlicht 25.08.2023 22:15:10
  • Zuletzt bearbeitet 21.11.2024 08:15:04

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an...

5.5

CVE-2023-39288

  • EPSS 0.15%
  • Veröffentlicht 25.08.2023 22:15:10
  • Zuletzt bearbeitet 21.11.2024 08:15:04

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insuffici...

5.5

CVE-2023-39287

  • EPSS 0.15%
  • Veröffentlicht 25.08.2023 22:15:10
  • Zuletzt bearbeitet 21.11.2024 08:15:04

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insuffici...

9.8

CVE-2023-32748

  • EPSS 0.35%
  • Veröffentlicht 14.08.2023 18:15:10
  • Zuletzt bearbeitet 21.11.2024 08:03:57

The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.

9.8

CVE-2023-31458

  • EPSS 0.27%
  • Veröffentlicht 24.05.2023 21:15:11
  • Zuletzt bearbeitet 31.01.2025 14:15:32

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial i...

7.4

CVE-2023-25599

  • EPSS 0.29%
  • Veröffentlicht 24.05.2023 21:15:11
  • Zuletzt bearbeitet 16.01.2025 21:15:14

A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2, 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the test_present...

7.2

CVE-2023-31460

  • EPSS 2.28%
  • Veröffentlicht 24.05.2023 20:15:10
  • Zuletzt bearbeitet 31.01.2025 14:15:33

A vulnerability in the Connect Mobility Router component of MiVoice Connect versions 9.6.2208.101 and earlier could allow an authenticated attacker with internal network access to conduct a command injection attack due to insufficient restriction on ...