Mitel

Mivoice Connect

25 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2023-39285

  • EPSS 0.11%
  • Published 14.09.2023 19:16:50
  • Last modified 21.11.2024 08:15:04

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 (22.24.5800.0) could allow an unauthenticated attacker to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. A successful ...

4.9

CVE-2023-39291

  • EPSS 0.12%
  • Published 25.08.2023 22:15:11
  • Last modified 21.11.2024 08:15:05

A vulnerability in the Connect Mobility Router component of MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful ex...

4.9

CVE-2023-39290

  • EPSS 0.12%
  • Published 25.08.2023 22:15:11
  • Last modified 21.11.2024 08:15:04

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A succes...

7.5

CVE-2023-39289

  • EPSS 0.25%
  • Published 25.08.2023 22:15:10
  • Last modified 21.11.2024 08:15:04

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an...

5.5

CVE-2023-39288

  • EPSS 0.15%
  • Published 25.08.2023 22:15:10
  • Last modified 21.11.2024 08:15:04

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insuffici...

5.5

CVE-2023-39287

  • EPSS 0.15%
  • Published 25.08.2023 22:15:10
  • Last modified 21.11.2024 08:15:04

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insuffici...

9.8

CVE-2023-32748

  • EPSS 0.35%
  • Published 14.08.2023 18:15:10
  • Last modified 21.11.2024 08:03:57

The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.

9.8

CVE-2023-31458

  • EPSS 0.27%
  • Published 24.05.2023 21:15:11
  • Last modified 31.01.2025 14:15:32

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial i...

7.4

CVE-2023-25599

  • EPSS 0.29%
  • Published 24.05.2023 21:15:11
  • Last modified 16.01.2025 21:15:14

A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2, 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the test_present...

7.2

CVE-2023-31460

  • EPSS 2.28%
  • Published 24.05.2023 20:15:10
  • Last modified 31.01.2025 14:15:33

A vulnerability in the Connect Mobility Router component of MiVoice Connect versions 9.6.2208.101 and earlier could allow an authenticated attacker with internal network access to conduct a command injection attack due to insufficient restriction on ...