Mitel

Micollab

49 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-35286

  • EPSS 72.32%
  • Veröffentlicht 21.10.2024 21:15:05
  • Zuletzt bearbeitet 07.07.2025 17:55:27

A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access ...

6.7

CVE-2024-35287

  • EPSS 0.02%
  • Veröffentlicht 21.10.2024 21:15:05
  • Zuletzt bearbeitet 07.07.2025 17:55:48

A vulnerability in the NuPoint Messenger (NPM) component of Mitel MiCollab through version 9.8 SP1 (9.8.1.5) could allow an authenticated attacker with administrative privilege to conduct a privilege escalation attack due to the execution of a resour...

9.8

CVE-2024-35314

  • EPSS 7.01%
  • Veröffentlicht 21.10.2024 21:15:05
  • Zuletzt bearbeitet 07.07.2025 17:54:52

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter...

5.6

CVE-2024-35315

  • EPSS 0.5%
  • Veröffentlicht 21.10.2024 21:15:05
  • Zuletzt bearbeitet 07.07.2025 17:54:43

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validat...

7.2

CVE-2024-30158

  • EPSS 0.29%
  • Veröffentlicht 21.10.2024 21:15:04
  • Zuletzt bearbeitet 25.10.2024 16:30:09

A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful ex...

7.2

CVE-2024-30157

  • EPSS 0.28%
  • Veröffentlicht 21.10.2024 21:15:04
  • Zuletzt bearbeitet 21.11.2024 09:11:19

A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A su...

8.2

CVE-2024-47912

  • EPSS 0.37%
  • Veröffentlicht 21.10.2024 20:15:14
  • Zuletzt bearbeitet 07.07.2025 17:52:18

A vulnerability in the AWV (Audio, Web, and Video) Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to perform unauthorized data-access attacks due to missing authentication mechanisms. ...

9.4

CVE-2024-47223

  • EPSS 0.78%
  • Veröffentlicht 21.10.2024 20:15:14
  • Zuletzt bearbeitet 07.07.2025 17:52:15

A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A suc...

7.7

CVE-2024-47189

  • EPSS 0.38%
  • Veröffentlicht 21.10.2024 20:15:14
  • Zuletzt bearbeitet 07.07.2025 17:52:12

The API Interface of the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct SQL injection due to insufficient sanitization of user input. A successful...

5.9

CVE-2023-25597

  • EPSS 0.25%
  • Veröffentlicht 14.04.2023 21:15:08
  • Zuletzt bearbeitet 07.02.2025 22:15:11

A vulnerability in the web conferencing component of Mitel MiCollab through 9.6.2.9 could allow an unauthenticated attacker to download a shared file via a crafted request - including the exact path and filename - due to improper authentication contr...