Mitel

Micollab

49 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-35286

  • EPSS 72.32%
  • Published 21.10.2024 21:15:05
  • Last modified 07.07.2025 17:55:27

A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access ...

6.7

CVE-2024-35287

  • EPSS 0.02%
  • Published 21.10.2024 21:15:05
  • Last modified 07.07.2025 17:55:48

A vulnerability in the NuPoint Messenger (NPM) component of Mitel MiCollab through version 9.8 SP1 (9.8.1.5) could allow an authenticated attacker with administrative privilege to conduct a privilege escalation attack due to the execution of a resour...

9.8

CVE-2024-35314

  • EPSS 7.01%
  • Published 21.10.2024 21:15:05
  • Last modified 07.07.2025 17:54:52

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter...

5.6

CVE-2024-35315

  • EPSS 0.5%
  • Published 21.10.2024 21:15:05
  • Last modified 07.07.2025 17:54:43

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validat...

7.2

CVE-2024-30158

  • EPSS 0.29%
  • Published 21.10.2024 21:15:04
  • Last modified 25.10.2024 16:30:09

A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful ex...

7.2

CVE-2024-30157

  • EPSS 0.28%
  • Published 21.10.2024 21:15:04
  • Last modified 21.11.2024 09:11:19

A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A su...

8.2

CVE-2024-47912

  • EPSS 0.37%
  • Published 21.10.2024 20:15:14
  • Last modified 07.07.2025 17:52:18

A vulnerability in the AWV (Audio, Web, and Video) Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to perform unauthorized data-access attacks due to missing authentication mechanisms. ...

9.4

CVE-2024-47223

  • EPSS 0.78%
  • Published 21.10.2024 20:15:14
  • Last modified 07.07.2025 17:52:15

A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A suc...

7.7

CVE-2024-47189

  • EPSS 0.38%
  • Published 21.10.2024 20:15:14
  • Last modified 07.07.2025 17:52:12

The API Interface of the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct SQL injection due to insufficient sanitization of user input. A successful...

5.9

CVE-2023-25597

  • EPSS 0.25%
  • Published 14.04.2023 21:15:08
  • Last modified 07.02.2025 22:15:11

A vulnerability in the web conferencing component of Mitel MiCollab through 9.6.2.9 could allow an unauthenticated attacker to download a shared file via a crafted request - including the exact path and filename - due to improper authentication contr...