Mitel

Micollab

49 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-52914

  • EPSS 0.03%
  • Veröffentlicht 08.08.2025 00:00:00
  • Zuletzt bearbeitet 08.08.2025 20:17:59

A vulnerability in the Suite Applications Services component of Mitel MiCollab 10.0 through SP1 FP1 (10.0.1.101) could allow an authenticated attacker to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploi...

9.8

CVE-2025-52913

  • EPSS 0.21%
  • Veröffentlicht 08.08.2025 00:00:00
  • Zuletzt bearbeitet 08.08.2025 20:30:18

A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP2 (9.8.2.12) could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation. A successful exploit could ...

2.7

CVE-2024-55550

Warnung
  • EPSS 15%
  • Veröffentlicht 10.12.2024 19:15:31
  • Zuletzt bearbeitet 08.01.2025 20:46:01

Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative privilege to conduct a local file read, due to insufficient input sanitization. A successful exploit could allow the authenticated admin attacker to access resou...

6.5

CVE-2024-47224

  • EPSS 0.29%
  • Veröffentlicht 21.10.2024 21:15:06
  • Zuletzt bearbeitet 24.06.2025 01:21:34

A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a CRLF injection attack due to inadequate encoding of user input in URLs. A ...

8.8

CVE-2024-41714

  • EPSS 1.41%
  • Veröffentlicht 21.10.2024 21:15:06
  • Zuletzt bearbeitet 24.06.2025 01:29:55

A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 (9.8.1.5) and MiVoice Business Solution Virtual Instance (MiVB SVI) through 1.0.0.27 could allow an authenticated attacker to conduct a command injection attack, due to ...

9.1

CVE-2024-41713

Warnung
  • EPSS 93.57%
  • Veröffentlicht 21.10.2024 21:15:06
  • Zuletzt bearbeitet 08.01.2025 20:31:25

A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit ...

6.6

CVE-2024-41712

  • EPSS 0.26%
  • Veröffentlicht 21.10.2024 21:15:06
  • Zuletzt bearbeitet 24.06.2025 01:30:56

A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow an authenticated attacker to conduct a command injection attack, due to insufficient validation of user input. A successful exploit could allow an attacke...

9.8

CVE-2024-35285

  • EPSS 4.28%
  • Veröffentlicht 21.10.2024 21:15:05
  • Zuletzt bearbeitet 07.07.2025 17:55:18

A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization.

4.8

CVE-2024-30159

  • EPSS 0.29%
  • Veröffentlicht 21.10.2024 21:15:05
  • Zuletzt bearbeitet 22.03.2025 15:15:37

A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a Stored Cross-Site Scripting (XSS) attack due to insufficient validation of user in...

4.8

CVE-2024-30160

  • EPSS 0.29%
  • Veröffentlicht 21.10.2024 21:15:05
  • Zuletzt bearbeitet 22.03.2025 15:15:37

A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a Stored Cross-Site Scripting (XSS) attack due to insufficient validation...